www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://xgszb2.zbrjtstrclnm.com/
Title: Abandoned Houses | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=e624e497f53bc741d9bb2014a310e63f&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~2781796006523480948~~oN3bwcOtjXvMqKM7vRW1jWoi0u1cJAo-Ov8cre3MjnRw6cLzOYgYTH58zK8cIqqSj7_n-Iy6XqFGHR5nVO5Qq9qMRv4AA_Pi_AZHIOldgPMudkUlToCGc3Rtl29LOvG_RdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=2150299fcbaf67aa377ab09d0b183b3c59bd81696d89&redir=https%3A%2F%2Fxgszb2.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057335%7Cpalmate-bg3co%7C3691233993%26subid2%3D1524057%26subid3%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26subid4%3Dch-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26click_id%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwoxba8_s6S1tNq%26dpco%3D1%26tblci%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwoxba8_s6S1tNq%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwoxba8_s6S1tNq&vi=1700601128714&p=tarzomedia-abandonedhouses-sc&r=89&tvi48=-48&tvi50=12261&lti=deflated&ppb=CMgH&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

URL: https://wooden-houses-ch.com/
Title: Häuser | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=5d29861741e3a34d62240c15f08348b2&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~3870495990601606541~~3Qec4gGcjQ3nlQ3rpLX1KZY1dI_EXBQaJfZaQPMrj6lw6cLzOYgYTH58zK8cIqqSkVNSC6iaJPmSgK6YU1G_ng3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bCqCtUsghqXh8wfz-E8MS4k2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=147566d8e890dd2d08b92e1159b26aad9a53e9fd839c&redir=https%3A%2F%2Fwooden-houses-ch.com%3Fsub1%3D28320583---delimjuwe---3830795954%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyCnlWIolbHDxcyl99oR%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DBasilea%253A%25C2%25A0Unverkaufte%2BHolzh%25C3%25A4user%2Bwerden%2Bfast%2Bumsonst%2Bverkauft%2521%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyCnlWIolbHDxcyl99oR&vi=1700601128714&p=ajaskagmbh-search-sedo-woodenhouses-sc&r=5&tvi48=-48&tvi50=12261&lti=deflated&ppb=CIUE&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

URL: https://www.instantlymodern.com/trending/peaceful-dogs-de-ai-syn/
Title: InstantlyModern

URL: https://0mk96g.llsdzktnxwnnr.com/
Title: Fettabsaugung | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://1pljx8.snzgdl.com/
Title: E- Roller | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=f3967b6ced42c10a58dedb31d58e27bc&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~-6562587940773457521~~_lM9i4zfLDykxSkfFmVS77xox1FYLt1_jXsw7ayohplw6cLzOYgYTH58zK8cIqqSc727pjYrZ0dbCVZs27M8_w3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bS8zWk6S4S-C10ZvSN3eIDU2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=c563ddb87621a90bc356ac2a964e87ffac157563ec18&redir=https%3A%2F%2F1pljx8.snzgdl.com%3Fsubid1%3D29736472%26subid2%3D3847755708%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyDMs2Io_bHFmdWs88mlAQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DElegante%2Bneue%2BE-Scooter%2Bf%25C3%25BCr%2BSenioren%2Bim%2BJahr%2B2023%253A%2BDie%2BPreise%2Bwerden%2BSie%2B%25C3%25BCberraschen%26click_id%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyDMs2Io_bHFmdWs88mlAQ%26dpco%3D1%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyDMs2Io_bHFmdWs88mlAQ&vi=1700601128714&p=ajaskagmbh-search-e-scooter-sc&r=23&tvi48=-48&tvi50=12261&lti=deflated&ppb=CPEG&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

URL: https://track.eternal-track.com/7db4d81e-3f56-43b3-b437-ab5ed4dabbe5
Title: Autos | Gesponsorte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=ab140c4e800c7564bf61ee413dd8b655&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~2781796006523480948~~MCOiy-XcP-u1AxgensdoV2oi0u1cJAo-Ov8cre3MjnRw6cLzOYgYTH58zK8cIqqSMimiSNEhmdNXWfo7jHlSEdqMRv4AA_Pi_AZHIOldgPMudkUlToCGc3Rtl29LOvG_RdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=02c50d53f0f534a49acad64163732fa43ecc462189eb&redir=https%3A%2F%2Fxgszb2.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057335%7Cpalmate-bg3co%7C3691233993%26subid2%3D1524057%26subid3%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26subid4%3Dch-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26click_id%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo_N7i-Nrxr9Fb%26dpco%3D1%26tblci%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo_N7i-Nrxr9Fb%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo_N7i-Nrxr9Fb&vi=1700601128714&p=tarzomedia-abandonedhouses-sc&r=87&tvi48=-48&tvi50=12261&lti=deflated&ppb=CJ0B&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=0b26fb666ff84343d9d4c81c4ddc365a&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~3870495990601606541~~Fb3sqOre6gGCCm3o9oELJZY1dI_EXBQaJfZaQPMrj6lw6cLzOYgYTH58zK8cIqqSn1OV0paklJAyh655pQ0hZw3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bCqCtUsghqXh8wfz-E8MS4k2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=6e3f6a342a5e51587a03b4c2bc30e375cb8545493d88&redir=https%3A%2F%2Fwooden-houses-ch.com%3Fsub1%3D28320583---delimjuwe---3830795954%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyCnlWIoxLD2-aa_mJpq%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DBasilea%253A%25C2%25A0Unverkaufte%2BHolzh%25C3%25A4user%2Bwerden%2Bfast%2Bumsonst%2Bverkauft%2521%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyCnlWIoxLD2-aa_mJpq&vi=1700601128714&p=ajaskagmbh-search-sedo-woodenhouses-sc&r=27&tvi48=-48&tvi50=12261&lti=deflated&ppb=CPUE&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ri=4aca65a4507a73d5ae0459409e52aafc&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&it=text&ii=~~V1~~2781796006523480948~~8R7Xs648UTQvECiF9zMa7moi0u1cJAo-Ov8cre3MjnRw6cLzOYgYTH58zK8cIqqSINHdBVm4ngAipjJvrQo8HtqMRv4AA_Pi_AZHIOldgPMudkUlToCGc3Rtl29LOvG_RdbgwlJdnqyroTPEQNNEnyrGgfXraZfkqzxVI8YJiN0&pt=text&li=rbox-t2v&sig=fca87f27c90341fba8d29c0d492f6a247d6f5d46f775&redir=https%3A%2F%2Fxgszb2.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057335%7Cpalmate-bg3co%7C3691233993%26subid2%3D1524057%26subid3%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26subid4%3Dch-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DBasilea%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26click_id%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo7suR_JjnnabiAQ%26dpco%3D1%26tblci%3DGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo7suR_JjnnabiAQ%23tblciGiDFyZma7TYQncEKlftVzdXwqabl70C3yLi5jsPqQ7J-TyD89Fwo7suR_JjnnabiAQ&vi=1700601128714&p=tarzomedia-abandonedhouses-sc&r=31&tvi48=-48&tvi50=12261&lti=deflated&ppb=CJIF&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE2ODiA3LqXC0Cy0A1IvIgQUNiP2gNY____________AWMI0P__________ARDQ__________8BGDBkYwi_SBDlXxgyZGMI1xYQ1R8YI2RjCMouEJE-GDNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCO8DEORrGAlkYwj_RhCKZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAcmCjEmQARyYAcjO552_MQ&cta=true
Title: Jetzt Suchen

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 154

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 155

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/400e0f54-7fd7-3cb3-81fa-a8714e72f707?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JYk04adE2oXTEy0X7qjWLe9KDI8b.D201we23K4-~A&redirect=

Request Chain 205

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP8U06J4-1T-IVXA HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP8U06J4-1T-IVXA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 207

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LP8U06J4-1T-IVXA&ex=d-rubiconproject.com&status=ok

Request Chain 208

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r7bE1_lrSrGpLRpu4pNPdA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r7bE1_lrSrGpLRpu4pNPdA

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkEIEjUj5EbhqF4MuyIMyA&google_cver=1

Request Chain 210

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/nT7OxRsKsY2FpOnApTXxKMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-w1hyGvFE2oLWlpb1rGJAc0bIS3sqoUH2zonSRA--~A

Request Chain 211

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XqYJKHvuT9-udtXHZdZXhw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XqYJKHvuT9-udtXHZdZXhw

Request Chain 213

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP8U06J4-1T-IVXA

Request Chain 214

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzYmQxNmY3NGI2ZTBmYmQzOGIyNDgxYjY1ZjUwMTdmZWRiMWRlMg

Request Chain 215

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA4VTA2SjQtMVQtSVZYQQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENoOFFe-fsPSWEGpZVVklNg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA4VTA2SjQtMVQtSVZYQQ==&google_push=

Request Chain 216

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD-DU7KujoAABPF0Mc8hw&expires=30

Request Chain 217

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9f2eefbc-d741-4e7b-8269-d799c9b6b93e&expires=30

Request Chain 218

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP8U06J4-1T-IVXA

Request Chain 219

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LP8U06J4-1T-IVXA

Request Chain 220

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP8U06J4-1T-IVXA

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LP8U06J4-1T-IVXA

Request Chain 222

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 297

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700601132940 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1

Request Chain 299

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700601132940 HTTP 302
https://sync.teads.tv/um?fp=1&eid=80&uid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0

Request Chain 300

https://pr-bh.ybp.yahoo.com/sync/teads/2585a248-801d-49da-a20f-2667b2aa3225?gdpr=0&_t=1700601132940 HTTP 302
https://sync.teads.tv/um?eid=132&uid=y-tE0gtcxE2oQoluxTHLrlOY.ObvXqKaUdpPA-~A

Request Chain 303

https://idsync.rlcdn.com/474599.gif?partner_uid=2585a248-801d-49da-a20f-2667b2aa3225_ch&_t=1700601132940 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzI1ODVhMjQ4LTgwMWQtNDlkYS1hMjBmLTI2NjdiMmFhMzIyNV9jaBAAGg0Irbr0qgYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECC1TgqsvQVu5FKNp6KG2H4&google_cver=1

Request Chain 306

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1700601132940 HTTP 302
https://sync.springserve.com/usersync?aid=1000024&uuid=2585a248-801d-49da-a20f-2667b2aa3225

Request Chain 307

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700601132940 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1 HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1

Request Chain 310

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV0dLY-vVZAtHMOMJZdEkQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1

Request Chain 326

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEMKz4fvl8KQ87NcTW32Vi8&google_cver=1&google_push=AXcoOmRvadfP7wu2r00rIbv_pO3DNpGoJose4j9sfckcJaSL1OhoD5eVXJ-bdMmm238klWZUdV5OL_TNDbHQo3sw7vX4AqN71U4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEMKz4fvl8KQ87NcTW32Vi8&google_cver=1&google_push=AXcoOmRvadfP7wu2r00rIbv_pO3DNpGoJose4j9sfckcJaSL1OhoD5eVXJ-bdMmm238klWZUdV5OL_TNDbHQo3sw7vX4AqN71U4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRvadfP7wu2r00rIbv_pO3DNpGoJose4j9sfckcJaSL1OhoD5eVXJ-bdMmm238klWZUdV5OL_TNDbHQo3sw7vX4AqN71U4

Request Chain 327

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1&google_push=AXcoOmS3lblMpKn9z_UCA1UoCMCo08FnormEVeock4nxJNhYtkso6FLz4INa2W4puZt4iVqrJLNu3xyX_X5IyrO08-o69aLYsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&google_nid=index&google_push=AXcoOmS3lblMpKn9z_UCA1UoCMCo08FnormEVeock4nxJNhYtkso6FLz4INa2W4puZt4iVqrJLNu3xyX_X5IyrO08-o69aLYsw

Request Chain 328

https://ads.yieldmo.com/exptsync?google_gid=CAESEALLgF5H7CWwN8Dwwo0SLzc&google_cver=1&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g&google_hm=M0ZySE9TU1hYblNPcFNxQzh4WEI=

Request Chain 329

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED9HVBaM01Kh45WrvRY-Odo&google_cver=1&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA&google_gid=CAESED9HVBaM01Kh45WrvRY-Odo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NjIyOTU1MTk4Mjg0MDUzMTIyNw%3D%3D&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA

Request Chain 330

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJkrQXnVojkaYD_PZpS4UKw&google_cver=1&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUWK3EdkooROLUOGk8s1xgcU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUWK3EdkooROLUOGk8s1xgcU&google_hm=NjgyNjMzNTkwMzEyNDMyMjUzNw%3D%3D

Request Chain 331

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1&google_push=AXcoOmRY4EVXyOBQUwXvNbn83nvjwofTzqxitVCb2LYBKTBEcrb1tPzG6D7aEBiGohC-v5mCwkLMwSUrmaOLViiOILbxXMKrlIVW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY4EVXyOBQUwXvNbn83nvjwofTzqxitVCb2LYBKTBEcrb1tPzG6D7aEBiGohC-v5mCwkLMwSUrmaOLViiOILbxXMKrlIVW HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 372

https://adpushup-d.openx.net/w/1.0/pd HTTP 302
https://adpushup-d.openx.net/w/1.0/pd?cc=1

Request Chain 378

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6117488627336397699

Request Chain 379

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=1

Request Chain 381

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5--AxHXlu3sNdDtmc5XYMvyVlWETmpw

Request Chain 384

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk

Request Chain 386

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

Request Chain 393

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
https://rt.gsspat.jp/lcs?lamp_sc=aladdin

Request Chain 394

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA4grSU1wzEdLd4T4NVYMAySS9thpaTeZz1gkI0PZLPa2Uf6LIbHEV_YJ2SsmJfVsAg&format=gif

Request Chain 395

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzCw9viAzCcRY5VtQXlQjRuJrdUrYeZLRM3-T16Pq8tMVKRgi93IxmQmEswssOW15A&format=gif

Request Chain 396

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
https://g.c.appier.net/ge

Request Chain 404

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 409

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=6117488627336397699

Request Chain 410

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=Hsf4sRZHbG0LQ1usQLObA6-w

Request Chain 412

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700601134411 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3208530622

Request Chain 413

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5108559731008102379

Request Chain 414

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=a8ecfce3-36f9-4102-9564-bbd02aada8cc

Request Chain 415

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 416

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

Request Chain 417

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-93426c00-e96b-38ff-88a5-509619b1c13c&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS05MzQyNmMwMC1lOTZiLTM4ZmYtODhhNS01MDk2MTliMWMxM2MQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05MzQyNmMwMC1lOTZiLTM4ZmYtODhhNS01MDk2MTliMWMxM2MyAiIMOAE=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 418

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

Request Chain 420

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 422

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wOZ6wMe3fcbb4X2Xz-tixcW2d8Hb5CuWwLehbRHB

Request Chain 423

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2280356163980672860

Request Chain 427

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKp2_fw_qjHDLMzycP1ksgM&google_cver=1

Request Chain 431

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smart/6826335903124322537

Request Chain 434

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0&gdpr_consent=

Request Chain 436

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dsmartadserver%26bsw_param%3Dcf2b5170-0a6c-45c2-8aed-c49a1595875b%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D

Request Chain 438

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5_Lv_OAab0EjEWZzLghmKtvGAKBFpDg

Request Chain 439

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

Request Chain 441

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LP8U06J4-1T-IVXA&gdpr=0

Request Chain 442

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6117488627336397699

Request Chain 443

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=1d6dc82131f6a8cd3f86b4dac655425&gdpr_consent=&gdpr=0

Request Chain 444

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=6826335903124322537

Request Chain 446

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=drZq60u6REgdz_lNdzdgbFHAJ3vdTKwytufauda0Bk0

Request Chain 447

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjQxMDc2RTEtMTQwRS00NzJELThCRjQtMEExQjRGRjNCMjJG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 448

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

Request Chain 450

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b&google_hm=Y2YyYjUxNzAtMGE2Yy00NWMyLThhZWQtYzQ5YTE1OTU4NzVi HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPfuVjPpvdtqYTytxM4mwyk&google_cver=1&ssp=onetag&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 452

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/appnexus/6117488627336397699

Request Chain 455

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP8U06J4-1T-IVXA?gdpr=0

Request Chain 457

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/9fe3a0e3-7c5c-4e89-87d3-01066c8561f8&partner_id=1010

Request Chain 459

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/f73eb30a-02e2-0b9b-2d45-5e02f48de87d

Request Chain 461

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP8U06J4-1T-IVXA HTTP 302
https://ads.servenobid.com/sync?pid=323&uid=LP8U06J4-1T-IVXA

Request Chain 462

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=6117488627336397699

Request Chain 463

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_051b9a9f-d38d-4696-923b-870787cc2d03&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=ed584e3d-f170-4ca7-8825-3946a6af6211&expires=1&user_group=2&ssp=gumgum2&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 464

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=a549d5ec-1a92-0d53-0c4b-890342614149

Request Chain 465

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-39275431-5e1c-49de-7606-98b3a5db806e$cell

Request Chain 466

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-yDgM1WhE2pcW61ghQlZ36ouhk3KdE4UspM2d~A

Request Chain 467

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=9f2eefbc-d741-4e7b-8269-d799c9b6b93e

Request Chain 469

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_051b9a9f-d38d-4696-923b-870787cc2d03&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_051b9a9f-d38d-4696-923b-870787cc2d03&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=iyBA3HdvaHybm7hlKm94&gdpr=0&us_privacy=1---

Request Chain 470

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=ileiZRwtJbDF&ev=1&pid=558355

Request Chain 471

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=6826335903124322537

Request Chain 474

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=8761265891034627687&gdpr=0&gdpr_consent=

Request Chain 478

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZV0dL8Co5s8AADDexssAAAAA

Request Chain 479

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o&pi=gumgum&tc=1

Request Chain 480

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 483

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 485

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RMJ2fkOTcXhfxXEpS89ue0GSe39fwCcoRJM1SFvd

Request Chain 487

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 488

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent=&ct=y

Request Chain 489

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1586128853

Request Chain 490

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDZhOEVoTUtwLUpSVHVoMjYtZXBlRFljUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=2280356163980672860&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 491

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKCompvVr1aFOUcN3TtDGgE&google_cver=1

Request Chain 494

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6142251128299967568

Request Chain 495

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zSnE0PxE2uXMLtoc.HOPwCXaMdhSAR4-~A&gdpr=0

Request Chain 501

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 502

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o?pi=smilewanted&tc=1

Request Chain 510

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=0

Request Chain 512

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F

Request Chain 515

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1676229551982840531227

Request Chain 516

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=cb2d9398-4d15-0a51-13a8-8019ca32caea

Request Chain 517

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

Request Chain 518

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F

Request Chain 519

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV0dLY-vVZAtHMOMJZdEkQAA%261188

Request Chain 520

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f4ce7a562280a01b4554a29d45f5baf5

Request Chain 525

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1

Request Chain 535

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6117488627336397699

Request Chain 537

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1d6dc82131f6a8cd3f86b4dac655425&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gdpr=0&gdpr_consent=

Request Chain 538

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6826335903124322537&gdpr=0&gdpr_consent=

Request Chain 540

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DF48809933F421289E3473EE520EC7C

Request Chain 541

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2280356163980672860&expiration=1701810735

Request Chain 544

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP8U06J4-1T-IVXA HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LP8U06J4-1T-IVXA

558 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html Show response
www.bg3.co/a/ 62 KB
18 KB 19216ms
1840ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5baccf5f40595cdc2c6cce908bc81e452cf4e62005017617104b2f3431abd865

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 21:12:07 GMT
etag: "f67a-jStz1REBtDu2zAaVA8756Y6B1r0"
expires: Tue, 21 Nov 2023 21:13:07 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 468ms
62ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 21:12:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73200
x-xss-protection: 0
server: sffe
etag: "b209cac081bc437c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 21:12:08 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 481ms
76ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 21:12:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9651
x-xss-protection: 0
server: sffe
etag: "e5d8e2e1a4e85f74"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 21:12:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 483ms
101ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29181d349de1cb519bcc29e5f512fd5cf7514af58f76c386b4090ac1d181b8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31447
x-xss-protection: 0
server: cafe
etag: 928 / 19682 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 415ms
47ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e92f10a2843ce4291426586878398f15b99a012a2100c48af2bac8ca8801c31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:08 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 107ms
39ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Nov 2023 11:24:28 GMT
server: cloudflare
age: 16526
etag: W/"655b41ec-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 829beddc1c7f3755-MXP
expires: Wed, 22 Nov 2023 04:36:42 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 144ms
35ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: 47e9772aade5d92d4b7a1145b1fbe499977b4b49af1725b8f5e3a71f6e8e1425

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
age: 30066
x-cache: HIT
x-client-device: desktop
content-length: 11417
x-ap-device: DESKTOP
last-modified: Tue, 21 Nov 2023 07:59:27 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Tue, 21 Nov 2023 22:12:08 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 767 KB
157 KB 143ms
34ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC5) /
Resource Hash: e31b806eb4ab3cdd20a2f1bade4063382077c33b8cde415f829939bf80353d6b

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
age: 52199
x-cache: HIT
x-client-device: desktop
content-length: 160115
x-ap-device: DESKTOP
last-modified: Tue, 21 Nov 2023 01:16:52 GMT
server: ECAcc (frc/4CC5)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Tue, 21 Nov 2023 22:12:08 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 683 KB
56 KB 284ms
213ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97fc3c5f72f39cbc5fd7a2fc73239291c84622ce10d8453f625d09298a15d0c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NxnGs2r9sR5X3KOzCM6zAQBWkU2QxQCt
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:08 GMT
x-amz-request-id: ZRZ07JE61ZSBX4HY
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 56769
x-amz-id-2: Xxb3VN4NRri8ZEQVKbSXUKRTNcu7J6ePpd2gZ24HVwQHnNJOuSs10NwYld3zyOZno/A7blU8lNU=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:52:26 GMT
server: AmazonS3
x-timer: S1700601128.343995,VS0,VE186
etag: "e11ad614e3cd224ccb276fb7bcc27b9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

436ms
46ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6349
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAF2wZht0qHhmAFvEoxxaMBqZiYcvMxA%2FgskGnfN6d5GVl2Y1GMat3CIi1UNV%2FZAe3j8t4MvWL6lVTyaS37a17rLXUpXq8%2Ft05h22GJLTVuq1MxOvnE1ksn86KnCcsIixg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 829bede13c2a5995-MXP

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/player/mvp/ 331 KB
124 KB 532ms
35ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/mvp/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 6c8d47a6034307bb944699be960a5da5d005fd156cfd230c8ec261707e07d87e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-663
cdn-cachedat: 11/16/2023 07:44:49
cdn-pullzone: 873945
last-modified: Thu, 16 Nov 2023 07:43:37 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 656
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6555c829-52a84"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 8f9e5e7397d14a2a358846bf62c3ad73
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
563 B 201ms
193ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=F5971B7243964F013558E042F39E736B&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&t=300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%20%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=19359&sc_rum_e_e=19364&sc_rum_f_s=0&sc_rum_f_e=19355&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 829beddc8d123755-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 402ms
34ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5798924
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-fra-etou8220101-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700601129.791515,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44, 226

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 347ms
25ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5363028
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220101-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700601129.791207,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 489812

GET
H2 404 Q0hfREVTS1RPUA==.json Show response
cdn.adpushup.com/fpe/42753/MAN_Data/ 555 B
209 B 428ms
428ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 22:12:08 GMT
date: Tue, 21 Nov 2023 21:11:02 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
x-client-device: desktop
x-client-geo: CH

GET
H2 200 impl.20231121-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 28ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Goo1gyH5Mb13alrQ0W6zOWkgXcD8DEn0
content-encoding: br
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:08 GMT
x-amz-request-id: 2DT8Q5S0E2D8RNCZ
age: 8768
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173606
x-amz-id-2: mwihbDPG86wbqTFFkJwlQKv7Co+BELgA78GVz+oz+7VpwZpf7gRpNYseBtFWa2YYmy/p+skRJF4=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 10:24:38 GMT
server: AmazonS3-br
x-timer: S1700601129.633212,VS0,VE0
etag: "e14d5158d1e05939397417dd5bb9b1d9"
vary: Accept-Encoding
content-type: application/javascript
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 413ms
31ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 250551
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 76 KB
17 KB 385ms
375ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=22%3A12%3A08.717&lti=deflated&data=%7B%22id%22%3A907%2C%22ii%22%3A%22%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700567542539%2C%22vi%22%3A1700601128714%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html%22%2C%22vpi%22%3A%22%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3596%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2201.5%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef4516fa09ce5ba77c42ef24fd34de60a44eddddcdeaa3dced8da2fc684e0500

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 348
date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.6525
x-fastly-to-nlb-rtt: 68943
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230091-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1700601129.734569,VS0,VE348
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 431ms
52ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700601128264&gcd=11l1l1l1l1&dma=0&cid=1789578989.1700601129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700601128&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&dt=300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%20%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=19768
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET b52105801b2bb4042bd4e11d3173bdb5.jpg
static.bg3.co/imgs/202309/ 0
0

GET 91e1bff7d56593b8c6774b15adfe139e.jpg
static.bg3.co/imgs/202309/ 0
0

GET 7f800c8cf18c02ba05a48864927487ad.jpg
static.bg3.co/imgs/202309/ 0
0

GET 217a5e9bc8e4f6912ac70dd76bb4e109.jpg
static.bg3.co/imgs/202309/ 0
0

GET 9694c6b028e401e6dbf05227a225d0b6.jpg
static.bg3.co/imgs/202309/ 0
0

GET 674388407cb8ffcc4d3bce5dbca762fb.jpg
static.bg3.co/imgs/202309/ 0
0

GET 506d0fcf95c9816f16939af50e9e2bdc.jpg
static.bg3.co/imgs/202309/ 0
0

GET 3f8505162771fa9b662797e9c0580d4e.jpg
static.bg3.co/imgs/202309/ 0
0

GET 2547139409989c98d6eaf21b29e949b6.jpg
static.bg3.co/imgs/202110/ 0
0

GET a602aa74b8de9f05530cb765c9716061.jpg
static.bg3.co/imgs/202310/ 0
0

GET d4c624518332fc5ab07a1fe69a5506ce.jpg
static.bg3.co/imgs/202310/ 0
0

GET 48acaa4f5f4bcdfd83ab51c7a6980cb7.jpg
static.bg3.co/imgs/202309/ 0
0

GET a5b0f314adf171c3cd65c884ab039a40.jpg
static.bg3.co/imgs/202107/ 0
0

GET 57fc270d081c808dba7b3caed8513723.jpg
static.bg3.co/imgs/202309/ 0
0

GET 84c3c095c5ba4cf4b6f1bb721bb17026.jpg
static.bg3.co/imgs/202309/ 0
0

GET 9edd3961b80f6860bb54bc9fdeb97ca0.jpg
static.bg3.co/imgs/202309/ 0
0

GET 935d752b6a531eeb80aad77984c665b4.jpg
static.bg3.co/imgs/202309/ 0
0

GET 4d338121f9d6c7a2851b1a74f437f5ef.jpg
static.bg3.co/imgs/202105/ 0
0

GET f38ab7c76444956a3bc3922cfa80a65f.jpg
static.bg3.co/imgs/202205/ 0
0

GET 125ae52dd575d9bb0956d5869bfb7f2e.jpg
static.bg3.co/imgs/202309/ 0
0

GET caee55dbf5324f1f8e695cc0fe27ac52.jpg
static.bg3.co/imgs/202310/ 0
0

GET cad020d5f4d413648d753c6ecba3091c.jpg
static.bg3.co/imgs/202309/ 0
0

GET 0ec4c5992d6b9d0494e07bc2d0974b5c.jpg
static.bg3.co/imgs/202107/ 0
0

GET cbd4ae3b7bf3f2323433c34572b443bc.jpg
static.bg3.co/imgs/202309/ 0
0

GET 57bff6b72c9741aa0ef5a9462478414a.jpg
static.bg3.co/imgs/202309/ 0
0

GET 0c94f175f3c188736e0acb222b8eed8f.jpg
static.bg3.co/imgs/202105/ 0
0

GET b641062e11db4803d7fe25701152ccd9.jpg
static.bg3.co/imgs/202309/ 0
0

GET 7a90831c11afb04e857a21d9ab7f86c3.jpg
static.bg3.co/imgs/202105/ 0
0

GET 83ad0b624d52912944ace6ef18bf097d.jpg
static.bg3.co/imgs/202309/ 0
0

GET 6f5581412fdbc9eb0d73efcd0eaafc59.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 8 KB
3 KB 417ms
37ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 05:32:45 GMT
age: 315564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "ebb1be4e47c7faed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 05:32:45 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 12 KB
5 KB 407ms
34ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 04:39:45 GMT
age: 405144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "3c281510b2fc8bce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 04:39:45 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 26ms
25ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29228
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:05:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 741ms
175ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pb.42753.1698934930219.js Show response
cdn.adpushup.com/prebid/ 437 KB
127 KB 29ms
29ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8E) /
Resource Hash: 6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Tue, 21 Nov 2023 21:12:08 GMT
content-encoding: br
age: 1599594
x-cache: HIT
x-client-device: desktop
content-length: 130160
last-modified: Thu, 02 Nov 2023 14:21:48 GMT
server: ECAcc (frc/4C8E)
etag: W/"6543b07c-6d3da"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 21:12:08 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
357 B 26ms
25ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: br
age: 6774948
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (frc/4CD4)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 21:12:09 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 655ms
154ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 36ms
35ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D07) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: br
age: 5887745
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (frc/4D07)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 21:12:09 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 191ms
55ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2MDExMjg5OTUsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzMwMGR1by1tby1yZW4tZGVuZy1idS1kYW8tbW8tZGUtbmEteXVuLWppYW5nLW51LWJpYW8tY2FpLXpoZW5nLWZ1LXphbmctaHVhLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=19978.700004577637
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 190ms
55ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
735 B 26ms
25ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1700601129144
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 20 Nov 2024 21:12:09 GMT
date: Tue, 21 Nov 2023 21:12:09 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 8331405
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 floating-unit.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 24ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6934568e6bc9d234b42c8b4cd6d329fb08a931be05057ad22411c8ffe9dbd68

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4hCcBZLiku6rBn7._KHnfnDgf49yF3e8
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: CHH8ZRKXX9CQ9H9G
age: 36381
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2492
x-amz-id-2: RSVF/AMaroFHDh+xy4jo32QKC96KQqybcDiU9GOzSMXgWCOf1kVCykOdFiX2s2z9jWZ5xeV80dY=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:49 GMT
server: AmazonS3
x-timer: S1700601129.174150,VS0,VE0
etag: "dd49e1ad31f717ebb9986bb2ee0f9941"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10293

GET
H2 200 taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 37ms
37ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e0520615c91ba524f0ba6daa5113feec9cb2b883fa19313fb9d9eef6a9195bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pAbK3QB8.iEVAbAhXAFJUcnfGivcrN_q
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: 1C3A8CE9T789VGT9
age: 36406
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: axM7KRxDWf57n9BJW7P6woRdI32Tdn1r2VXXHAfvUqcWK2wlqcLxQcK497ndlpJOldkWhWq3cEg=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:22 GMT
server: AmazonS3
x-timer: S1700601129.182420,VS0,VE0
etag: "931da4ecdce74822f54bfca0e2dc42df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7448

GET
H2 200 distance-from-article.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 28ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PukvgENl9P8p6Cep_nFjxChkl.Xu4Ung
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: V5J3ADE8RFGZFEBM
age: 36366
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 3JAxA8iBqo8o+ULKoHR9w3WsPkB6mBSBRwLHoNAAuNqiUV2qCw3iUrNhTLq3/e3lRPD+VQ11f0U=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:06:03 GMT
server: AmazonS3
x-timer: S1700601129.192624,VS0,VE0
etag: "3156426a0edaa42aa2bf567f4a5c596f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 114389

GET
H2 200 article-detection.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 27ms
26ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ddt198pxC_yRl_CaGpeDno3_LaTkP5ys
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: T9WDX4W5BNASMWS5
age: 36358
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: +W30AuUfkwSfo1AF0VbeoTJ55GNDrqRPdemr6iAJmdcEXRmN0Kd/+v8siJtvDwi5TCVnDphpjF0=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:06:12 GMT
server: AmazonS3
x-timer: S1700601129.192687,VS0,VE0
etag: "36b721518a3b258033d725e6c90d0fd9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 114325

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.5.9/ 120 KB
34 KB 117ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 299449
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34194
x-served-by: cache-fra-eddf8230088-FRA
last-modified: Sat, 18 Nov 2023 10:01:07 GMT
server: AmazonS3
x-timer: S1700601129.272386,VS0,VE0
etag: "71c188f2046759c2140f9eafdaccf881"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 5er-avQ5JdkOhkczbLsW-HUEUzE9NY87pv5jE9Pe4YzzT5CaSMG_Dw==
x-cache-hits: 40789

GET
H2 200 feed-card-placeholder.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 32ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ju9LmLHxGHd2SDosFr2KWDtYMujelG1T
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: TTPMVSZ315PRTH45
age: 36374
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: o8wSPbUPKB0zB2i2rPO3v0aID4x4r8tWetHzBPMLJLAJEZTH42xbfPfcs6FNqozKP2ioOKiJ8PU=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:56 GMT
server: AmazonS3
x-timer: S1700601129.202107,VS0,VE0
etag: "9c15de28849e65a17e95bb39ea85ea2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 100669

GET
H2 200 userx.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 27ms
26ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: h2ZFyZmVEll34KKR1rwSyQqtbSF9sBrg
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: T1PW22D174K7RJ7Y
age: 36410
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5396
x-amz-id-2: adoQFtb+JiFly5IYy6xTFxlxqDjpXf4iOezXSXU1dKiTccpswCSY4ct7JBF+FUEJ2T1CRqEthVo=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:19 GMT
server: AmazonS3
x-timer: S1700601129.202098,VS0,VE0
etag: "e04922542f64625b1a6e8ed0a5a5d7b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 26188

GET
H2 200 explore-more.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 25ms
25ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70239190370dc8b6eac2cd2352b203507ab0c0ca1aad58a6a3d686b2cdfd08bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sAMIBKLm6jY2OJimoy6TabKnWM3FyFmU
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: NA0WF347421E8ZB8
age: 36371
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: fznur/YGUJlnO+puUqkWTCfXIcYQEV0SGRDXn1MFBTXuBB2e2lkJbWQ8xWtCneal4IUdgPRZ5d4=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:58 GMT
server: AmazonS3
x-timer: S1700601129.220636,VS0,VE0
etag: "cbe598f6658248d28d1a1f7ffe8c5bfb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 51036

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 261ms
66ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=22%3A12%3A09.167&id=2803&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 262ms
67ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700601129168%7D&tim=22%3A12%3A09.168&id=8675&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 261ms
67ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700601129178%7D&tim=22%3A12%3A09.179&id=3868&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 262ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A12%3A09.212&id=9084&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 258ms
65ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.215&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=7670&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44363

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 259ms
66ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.216&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=245&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44363

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 95ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.221&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2212&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45076

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 96ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.258&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7996&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45703

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 96ms
96ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.271&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4247&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45703

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 40ms
39ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 50
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1700601129.289221,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 57
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 71

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 118ms
117ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MDExMjkzNDAsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzMwMGR1by1tby1yZW4tZGVuZy1idS1kYW8tbW8tZGUtbmEteXVuLWppYW5nLW51LWJpYW8tY2FpLXpoZW5nLWZ1LXphbmctaHVhLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=20324.200004577637
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 106ms
106ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MDExMjkzNTIsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzMwMGR1by1tby1yZW4tZGVuZy1idS1kYW8tbW8tZGUtbmEteXVuLWppYW5nLW51LWJpYW8tY2FpLXpoZW5nLWZ1LXphbmctaHVhLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=20336.200004577637
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 105ms
105ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MDExMjkzNTQsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzMwMGR1by1tby1yZW4tZGVuZy1idS1kYW8tbW8tZGUtbmEteXVuLWppYW5nLW51LWJpYW8tY2FpLXpoZW5nLWZ1LXphbmctaHVhLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=20338
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 330 KB
331 KB 38ms
31ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8700800792896c850d0119b57b271acd6575caacf15a3e5a35f9bd3837193cc8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age: 1085628
edge-cache-tag: 631347976359316422353633311561679458810,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631347976359316422353633311561679458810,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 563
expiration: expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazeteduvar.com.tr/
content-length: 338210
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100121-IAD, cache-iad-kiad7000091-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 13 Aug 2023 11:53:44 GMT
server: nginx
x-timer: S1700601129.393647,VS0,VE2
etag: "c8d82434873a6f9968fdf981855747fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET
H2 200 c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 93 KB
94 KB 68ms
62ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c8aa9c4d39e77564409792dc330a584ddff866e2cb1fc19b8035490d5427206

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age: 2280855
edge-cache-tag: 631347976359316422353633311561679458810,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631347976359316422353633311561679458810,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 690
req-referer: https://viaggi.corriere.it/eventi/gallery/champoluc-ritratto-di-paese/?img=8
content-length: 95450
x-request-id: e4a4705d07f7dfc01b320c1da2cef8b0
x-backend-name: CH_nlb804
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100106-IAD, cache-fra-eddf8230091-FRA
last-modified: Wed, 13 Sep 2023 17:45:33 GMT
server: nginx
surrogate-reporting: width=920,height=460,bytes=122427,owidth=2000,oheight=1330,obytes=517450
x-timer: S1700601129.393683,VS0,VE3
etag: "404df303ea3952fb290124fe2caede12"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 9, 1

GET
H2 200 a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 76ms
70ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age: 5516250
edge-cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 205
expiration: expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://games.espn.com/
content-length: 37056
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000162-IAD, cache-iad-kjyo7100174-IAD, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230091-FRA
last-modified: Fri, 25 Aug 2023 17:08:17 GMT
server: nginx
surrogate-reporting: width=1000,height=555,owidth=1000,oheight=600,obytes=1177283
x-timer: S1700601129.393660,VS0,VE4
etag: "0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 9228, 1

GET
H2 200 594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 11 KB
12 KB 36ms
30ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d26e201c5bf921cce628506e3d6b7d9645e6001d7b94d169d468249a43421f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age: 2389189
edge-cache-tag: 414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 90
expiration: expiry-date="Wed, 11 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 10784
x-backend-name: LA_nlb203
x-served-by: cache-iad-kiad7000172-IAD, cache-iad-kiad7000172-IAD, cache-lax10656-LGB, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 10 Sep 2023 11:35:55 GMT
server: nginx
surrogate-reporting: width=460,height=256,owidth=2000,oheight=1457,obytes=197392
x-timer: S1700601129.393683,VS0,VE2
etag: "62fd0b04b6800b3d86bda697925731cb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 0, 1

GET
H2 200 a7c35d4102a017dffaa830b132ab8d6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 44ms
43ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7569af9e695d984e96b60474567cc188f26e21cfa6c5cb84c98ef287cc63cba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
age: 4278879
edge-cache-tag: 629621281362959222947586092279207837946,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629621281362959222947586092279207837946,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 230
expiration: expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 16282
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100086-IAD, cache-iad-kjyo7100031-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 20 Aug 2023 20:46:05 GMT
server: nginx
x-timer: S1700601129.438431,VS0,VE2
etag: "6c3143e8fc5f66c043d9057d60172170"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 32, 1

GET
H2 200 49b8ac619f6c4afdf5b33b53e7e4c662.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
33 KB 34ms
34ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49b8ac619f6c4afdf5b33b53e7e4c662.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3c705942cd5ffda5b14093913d0f913d59ace1c200a97c99dea4746fc5b035d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49b8ac619f6c4afdf5b33b53e7e4c662.jpg
age: 3030660
edge-cache-tag: 314336690475499066846225731421675733621,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314336690475499066846225731421675733621,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 626
req-referer: https://www.express.co.uk/
content-length: 33106
x-request-id: 765628e93bc338446a4ca370ed2557e7
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000136-IAD, cache-iad-kcgs7200110-IAD, cache-lax10666-LGB, cache-iad-kcgs7200046-IAD, cache-fra-eddf8230091-FRA
last-modified: Tue, 17 Oct 2023 14:21:55 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=61170,owidth=1999,oheight=2005,obytes=421655
x-timer: S1700601129.457560,VS0,VE2
etag: "742cd2a86a1ae22172c1f95f5664aeca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 67, 1

GET
H2 200 bdc96404eba85fd374584ceed5e0d9cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 33ms
33ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4264d2c442f18cc5aa7079a72a709e32811075aced702e27170b5bbf474e4a9a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
age: 2103473
edge-cache-tag: 366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 536
req-referer: https://flytant.com/
content-length: 19678
x-request-id: be7b5cf5d4aaf5b558341fc2965a7b62
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kiad7000063-IAD, cache-lax10653-LGB, cache-iad-kjyo7100130-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 13 Aug 2023 13:39:39 GMT
server: nginx
x-timer: S1700601129.464548,VS0,VE2
etag: "968eedb115307c944a83dda254c99dcd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 60, 1

GET
H2 200 c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 117 KB
118 KB 33ms
32ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da37d3f2aad8d172449cdfb982f89534043fde1b9cdacb3dc095f56fd449d4e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age: 3230777
edge-cache-tag: 631347976359316422353633311561679458810,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631347976359316422353633311561679458810,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 276
expiration: expiry-date="Sun, 15 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 119808
x-backend-name: LA_nlb202
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kjyo7100118-IAD, cache-sna10724-LGB, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230091-FRA
last-modified: Thu, 14 Sep 2023 12:33:53 GMT
server: nginx
surrogate-reporting: width=2000,height=1111,bytes=462721,owidth=2000,oheight=1330,obytes=517450
x-timer: S1700601129.470539,VS0,VE3
etag: "611e2e3399c6d51a4cd57f624af7ea1a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 12, 1, 9, 1

GET
H2 200 a7c35d4102a017dffaa830b132ab8d6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 30ms
29ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 720b436413dd13e57f1aa61be7263701e97d95f0b783d842c32f4ce15a776951

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
age: 2437939
edge-cache-tag: 629621281362959222947586092279207837946,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629621281362959222947586092279207837946,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.audacy.com/talk1370/news/business/the-hollywood-writers-strike-is-over-after-guild-leaders-approve-contract-with-studios
content-length: 18526
x-backend-name: US_nlb104
x-served-by: cache-iad-kiad7000046-IAD, cache-iad-kjyo7100034-IAD, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230091-FRA
last-modified: Thu, 17 Aug 2023 06:44:38 GMT
server: nginx
surrogate-reporting: width=1000,height=555,owidth=1000,oheight=600,obytes=288474
x-timer: S1700601129.470131,VS0,VE1
etag: "4fb6d558c6756fb6203f7a3747815da3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 30, 1

GET
H2 200 a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 115 KB
116 KB 40ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cc3c276bb1787b7080ea3cc296a84f7d4dcf781592ad14cabc3ec9ff497d682

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age: 3063628
edge-cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ouest-france.fr/
content-length: 117914
x-backend-name: US_nlb101
x-served-by: cache-iad-kiad7000162-IAD, cache-iad-kjyo7100129-IAD, cache-iad-kiad7000032-IAD, cache-fra-eddf8230091-FRA
last-modified: Fri, 25 Aug 2023 17:08:17 GMT
server: nginx
surrogate-reporting: width=1000,height=555,owidth=1000,oheight=600,obytes=1177283
x-timer: S1700601129.499868,VS0,VE2
etag: "0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1305, 1

GET
H2 200 594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 32 KB
33 KB 36ms
35ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0241c3f3f13bb847c5aff54769b3de470d263a088a589ae4b3efb768270d7b2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age: 2446334
edge-cache-tag: 414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 247
expiration: expiry-date="Wed, 11 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kleinezeitung.at/
content-length: 33236
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200046-IAD, cache-iad-kiad7000159-IAD, cache-iad-kjyo7100020-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 10 Sep 2023 12:06:46 GMT
server: nginx
surrogate-reporting: width=940,height=523,owidth=2000,oheight=1457,obytes=197392
x-timer: S1700601129.499833,VS0,VE1
etag: "3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 6, 1

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 83ms
82ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2MDExMjkzNDAsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzMwMGR1by1tby1yZW4tZGVuZy1idS1kYW8tbW8tZGUtbmEteXVuLWppYW5nLW51LWJpYW8tY2FpLXpoZW5nLWZ1LXphbmctaHVhLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=20380.800003051758
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
17 KB 491ms
491ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3192230334715607&correlator=3746018190251957&eid=31079673%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700601129434&lmt=1700601129&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1789578989.1700601129&ga_sid=1700601129&ga_hid=2003581387&ga_fc=true&dlt=1700601128236&idt=1167&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b608e1da905a7c416bed6c8cba74b780567b6369231b7b944a893cfb320976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16610
x-xss-protection: 0
google-lineitem-id: 6393702623
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138449154837
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d9b8a84f35c6eacb6ef29908522ec6c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1886 6 KB
3 KB 511ms
45ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9b8a84f35c6eacb6ef29908522ec6c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:09 GMT
expires: Wed, 20 Nov 2024 21:12:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
14 KB 37ms
34ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-34-248-177-109.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39768
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 10:09:21 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 468ms
37ms Script
application/javascript 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 28 Nov 2023 21:12:09 GMT

GET
H2 200 next-up-widget.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 43ms
42ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef32366c61ae00714ae6532290f196b3e233249a13f5ebe8594779d31c593409

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yDp8gpe_X3Sq84T5WDAaqvaqbHasflEa
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: QMA2GG8H12V8HNZ0
age: 36384
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: Jn6wDUSC5NMtoD4JtcpZ03IrQGIv5PfyNMN5U5Cilv8Et+slYyu1Rdv4wBJThAIvgDK3itW4Sqk=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:45 GMT
server: AmazonS3
x-timer: S1700601129.492491,VS0,VE0
etag: "c60c9f285ae332210a41e9959a3191d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10060

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
618 B 51ms
50ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8789
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnMU4dxZSfOjPOhfp9UB%2Fpt40gDj4KNlTcVpS0m%2BYZ6ka%2Fjy3qdumiIhgAuaeFOi%2B10qelhCd1klHCWKNoaM2%2B21CbUn32mOlkrAHdOTW4u7Nu9AcwKKQvyvj3SPMx8XXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 829bede34fae5995-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 471ms
115ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: dc1c79a29cd949495325305d5b82b3bcd9ff643540501d49abce6150e4532670

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 489ms
226ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.26337131666384916&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:09 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 493ms
49ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231121

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f1048bf97e0daf6b9eba804c11f6d2ee6736726c3b8a5c4c3c42063383cf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18677
x-jsd-version: 1.0.1881
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-mrs10546-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"643-7vZcYomrQmvX1we42OIbnEkre24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDnWFsOtvofsqqxEJ%2FdfOlXb1yx76eO2EDPIqg%2FWa6%2BGVrFPeBULDbCzvV9QCNH0bnowV7eoIk5jWXI9GcoZ9aKeLU1Yjn95xbwnJtfadjHa5e%2FcjfZU92pzngZBhfQMQj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829bede6884822aa-CDG

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
519 B 1232ms
1080ms XHR
application/json 34.248.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.177.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 755
content-length: 3
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 23 B
360 B 241ms
164ms XHR
application/json 3.75.115.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.115.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-115-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20b4e08f75ebbf856a95d81c4ac7fc2039d108cc643c4ea3ffff640945e8a8d8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 21 Nov 2023 21:12:09 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 48

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 267ms
182ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-18-196-99-134.eu-central-1.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 2 KB
1 KB 397ms
277ms XHR
application/json 88.221.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ce313253def291f446740179738d7348bc70a9b82ab1f6a5a979f43d3235ec4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 490
expires: Tue, 21 Nov 2023 21:12:09 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
316 B 226ms
157ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ff2a878e21f24770479cb464cd964d6ae692d748fa91a83f25da05a6ba36d4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrjrUD%2BC1Rux6m6HbQLDZaWrpyGdRYOWMj4u265cXfPXx5Y%2FGGi%2By%2B3L8egChNu%2BHXxMpE89dqU%2FrwYFZaPEAyVnEH78W7v6Wr2r1nByQbuew%2FkNpL5pLfYEoUFP7pwO95mLRDoU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829bede4489401f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
550 B 142ms
74ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ff2a878e21f24770479cb464cd964d6ae692d748fa91a83f25da05a6ba36d4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1g1UIqrVY5Bet79A47pWVTnpiDWQsW%2Feo%2B5C%2FdT6QClW3eh%2B48hKg4AMdnbOm0L43K%2BSdSrRgqDmdGcaS2LiTjDzT2WgagQkyB7%2BBchIGrQ8IRU75%2B4Rzk%2FpaWXesrjc5RO1ZZ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829bede4489001f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 1209ms
797ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=14004693135&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 21 Nov 2023 21:12:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 592 B
669 B 187ms
47ms XHR
application/json 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8575
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01c3453fd5eede499fd1f651daa0f25ed493bcf0037253c00866be50d6c9dcd9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 145ms
57ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 829bede47d78bac3-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
350 B 144ms
44ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 21 Nov 2023 21:12:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
588 B 166ms
74ms XHR
application/json 18.196.99.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.99.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
467 B 176ms
38ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 12a9271aa35b21fc4955d79ae8adf5309e9d31ecd9f5a016717191edfe64d75c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.3.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
2 KB 1376ms
919ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=936e6eb8-ce7d-409e-89ae-aed002b20933%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce&l_pb_bid_id=43986908f64e711&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce&rp_maxbids=1&slots=1&rand=0.3791778708571556
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5d095b0583b096925064f18bd519f20c4404ffb2f2e01db7e74a9b0f83bfb510

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 122ms
34ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

9e046de75799c28c4842efa9fbe18c79eeb975fe6c2b0814b04b6e0b932354ec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
an-x-request-uuid: bde42b47-a674-4c3d-a66f-8a46d282d847
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
229 B 125ms
55ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8c4cdc072e86e22b663847d92453cecacc612164c0cb6379643b11d1f73cc89e

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
346 B 120ms
50ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8c4cdc072e86e22b663847d92453cecacc612164c0cb6379643b11d1f73cc89e

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 219ms
144ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 5f30f3ec2b032ae8b849cd0753dd460f167f80cd40fb4fdb333093f64f905e84

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:09 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 84ms
84ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22388.375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A12%3A09.619&id=9112&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 82ms
82ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1386%7D%22%2C%22eventTime%22%3A1700601129621%7D&tim=22%3A12%3A09.621&id=9535&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 70ms
70ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A09.633&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6225&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45429

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 1203ms
794ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-34-248-177-109.eu-west-1.compute.amazonaws.com

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:08:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:10 GMT

GET
H2 200 spa-detector.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 31ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 997e552a135d9776335b91483926c7d397a4725edc685b3eb832ec2e2160f2e4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dhaD6whcUcEKjGvpR_CYlGNQSo5hul8Q
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:09 GMT
x-amz-request-id: EXTDGHN8N8QS04GE
age: 36394
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: hAF8D9+TqXFldOTyMVssxcZM/upLjDrrzUjeTFvSVG708ERrPPZFMj+xQ6DcaHf15l29bFhzhTU=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 21 Nov 2023 11:05:36 GMT
server: AmazonS3
x-timer: S1700601130.656499,VS0,VE0
etag: "ce4d50b6753e10ad08a2572e009891bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 52415

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 63ms
62ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A12%3A09.634&id=5498&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 65ms
63ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700601129644%7D&tim=22%3A12%3A09.644&id=1115&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 64ms
63ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A12%3A09.646&id=9888&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 65ms
64ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12261&lti=deflated&ri=c58a11c3ae2f84d083176b2d637c98bb&sd=v2_a3f4984d32980dc8f5ccc2a4d569c9d4_c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8_1700601128_1700601128_CNawjgYQ2YJdGIrO552_MSABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&pi=/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&wi=8580201108016326502&pt=text&vi=1700601128714&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700601129648%7D&tim=22%3A12%3A09.648&id=7071&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK playerConfig Show response
socket.unibots.in/website/ 4 KB
4 KB 1421ms
251ms XHR
application/json 139.144.5.218
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-144-5-218.ip.linodeusercontent.com
Software: / Express
Resource Hash: 6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 21:12:11 GMT
keep-alive: timeout=5
x-powered-by: Express
content-length: 3737
etag: W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type: application/json; charset=utf-8

GET
H2 200 c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 6 KB
7 KB 39ms
39ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e353eeb27109044cbb72c329de8c45a0c22fb4cd0e49ae0772a32a01f57844e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age: 872193
edge-cache-tag: 631347976359316422353633311561679458810,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631347976359316422353633311561679458810,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 142
expiration: expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://trueedition.com/
content-length: 6604
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kcgs7200091-IAD, cache-fra-eddf8230091-FRA
last-modified: Sun, 13 Aug 2023 11:55:47 GMT
server: nginx
x-timer: S1700601130.701683,VS0,VE11
etag: "0b096c77bec611d3b5ea4f40418a942d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1

GET
H2 200 a7c35d4102a017dffaa830b132ab8d6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
3 KB 36ms
36ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae305847e8c3ce106dde3d2774019280ee926d98bec917a2ef5473f40bb59013

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a7c35d4102a017dffaa830b132ab8d6f.jpg
age: 4290097
edge-cache-tag: 629621281362959222947586092279207837946,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629621281362959222947586092279207837946,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 229
expiration: expiry-date="Fri, 06 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://fancy24.eu/
content-length: 2650
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100101-IAD, cache-iad-kiad7000108-IAD, cache-iad-kjyo7100141-IAD, cache-fra-eddf8230091-FRA
last-modified: Tue, 05 Sep 2023 14:17:09 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1000,oheight=600,obytes=288474
x-timer: S1700601130.709886,VS0,VE2
etag: "e937ae2493bc81618a35541160b11153"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1

GET
H2 200 a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 35ms
34ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ea8122128001fb61ba3e2db9a2c8b47e30d857145dc7017157e6f8c20d3fe928

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age: 2686090
edge-cache-tag: 603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 174
req-referer: https://news.koreadaily.com/
content-length: 9056
x-request-id: 97f41bf3ffce520d7b143cf3ff4d2b52
x-backend-name: LA_nlb204
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200134-IAD, cache-sna10729-LGB, cache-iad-kiad7000077-IAD, cache-fra-eddf8230091-FRA
last-modified: Sat, 16 Sep 2023 22:27:09 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=17646,owidth=1000,oheight=600,obytes=1177283
x-timer: S1700601130.709886,VS0,VE1
etag: "849008b74f984a8816fbe7bfbaf6a874"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 993, 1

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
518 B 997ms
986ms XHR
application/json 34.248.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.177.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 689
content-length: 3
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 103ms
98ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 829bede56f01bac3-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 159ms
154ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: ba6fe41dfb7b62bdeea6cf60024a49fde6b47052112fde5e98ed743c223aa1b9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:09 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
587 B 79ms
76ms XHR
application/json 18.196.99.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.99.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-99-134.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
accept-ch: sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
309 B 145ms
141ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484f984d3e7cb54e0339f4553e4a8368ddb940ad9559d090184f1c51862299d9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrtbvgJjsbXADqu7IH2SnZWhye7BxdY3i%2Bk%2FQkyI8MXI7dgvfBGz3l98ucpmN9hgzWxzHq%2Bm535loz42FbORzKAzO7P6P2BonqvO2RUegI06mZHWgSrbYlsVCX0f664kBfGzZher"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829bede56aaa01f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
315 B 131ms
128ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484f984d3e7cb54e0339f4553e4a8368ddb940ad9559d090184f1c51862299d9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqej8MQMVE3nxRTxH7bONTepceBDHOZvFpIuFYxFOGkMy%2F5gsZb7pItkevE%2BgxDbWdq1beQ%2BL4s5QNSnLrLAynnjHCj4wdTDbTbuWxWJNkW%2FT1e%2BDvZf%2Bb0dmdiFfv8LcC3wLUlh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829bede57ab101f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
308 B 98ms
95ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484f984d3e7cb54e0339f4553e4a8368ddb940ad9559d090184f1c51862299d9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BptE%2BPSuTDo00eDQ%2Fo63EyKpD41a%2B6PwOb08n7eWfrGunmH8PmFtWsmQ6VoH7ISYYoHvbZmh49vaA0nVWJmLUd9sImp3M33TivI79IN0hNJUqGxlwTCc9LD7QmRpz75PbWpbOsiR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829bede57ab301f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
234 B 80ms
78ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 21 Nov 2023 21:12:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
229 B 84ms
80ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d8ea726fd1a676ba09ac18bf1d97a882fb1909dda4657522bf44bf4bd332c6e5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
220 B 85ms
81ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d8ea726fd1a676ba09ac18bf1d97a882fb1909dda4657522bf44bf4bd332c6e5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 adreq Show response
ads.servenobid.com/ 592 B
666 B 88ms
84ms XHR
application/json 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3552
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 73b969d133958ce4c6ea560d5eb50b437a9211631356759398f72127eaa2303d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:09 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 414 B
874 B 952ms
951ms XHR
application/json 88.221.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bc84ed5b13f3daf334c7605cbe16dffc29d0f6da27ecc17a479a33ff25067126

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 305
expires: Tue, 21 Nov 2023 21:12:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
361 B 199ms
198ms XHR
application/json 3.75.115.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.115.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-115-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd3aa9e08f15b5ea3aab1a32a127ae56f3bb84dec8072a3fbe37a5a35d327694

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 21 Nov 2023 21:12:09 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 940ms
939ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e07e816a355a26d976cc1abddade5fd49f382b8b91c0b4764ec92f6b4397b7b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
an-x-request-uuid: ed332b61-553b-4f10-9046-3dd0fd2633c1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 950ms
948ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 944ms
799ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=30692857792&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 21 Nov 2023 21:12:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
466 B 78ms
76ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 80ba4e55944fc8c5b308be26142b24739ebf132f90daa2657cb3c0c28ae89436

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.3.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 399 B
902 B 1081ms
888ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=936e6eb8-ce7d-409e-89ae-aed002b20933%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=f8849478-e1ed-4e5e-9895-540e9184f42b&l_pb_bid_id=887603ff0dc398e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f8849478-e1ed-4e5e-9895-540e9184f42b&rp_maxbids=1&slots=1&rand=0.6523224985509621
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 97dc114cc3acc34dd415df3580a25ccef8bea5725331cf17486d4559f4fb0c7b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 399
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 981F 439 B
425 B 89ms
45ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&cmcv=&pix=undefined&cb=1700601129940&uv=3358&tms=1700601129940&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a9104d5-d4f1-43e7-aba5-832c78d9cb2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 192892267308ff3ea676ca8f0b06f1b1ad4be433b04c697a4e00c62423a80a3c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 21 Nov 2023 21:12:10 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1700601130.997860,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7986 422 B
508 B 979ms
85ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e2bcac6ddfc9036bba681d77bdb0fc4f7e73c7e79c46d1d412b8c2d761d14277

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 21 Nov 2023 21:12:10 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
722 B 818ms
804ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700601129969&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1574&pt=-1462462937&tz=60&viewable=true&ddast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab0ef328eba8be432aa6069cac27311b68dc6ed5fb3aa1bf0a2f2445f159db1a

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1473
x-cache: MISS
x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
server: nginx
x-timer: S1700601130.998111,VS0,VE313
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 973ms
48ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&cmcv=&pix=31589837&cb=1700601129939&uv=3358&tms=1700601129939&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700601109017.2!ts:1700601129939&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
content-length: 0
server: nginx

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame DD91 714 B
607 B 42ms
39ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 6088
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 829bede68cbd5995-MXP
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 21:12:10 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6KnpoAPhCi0fe4IkWOiEdT9SdfSZWENTsefPMBIvm2xMyT7yJMO1VPhJcrrhC9uzYFXO9GMHGsgiW611lKgmDxcxhOY58g0iNaL5EwyOAjumosecA7voFOAMlUFBfe2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ED0F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
555 B

117ms
25ms

Document
text/html

2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 21:12:11 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 21 Nov 2023 21:12:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1

200
OK

idsync
sync.aralego.com/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/400e0f54-7fd7-3cb3-81fa-a8714e72f707?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JYk04adE2oXTEy0X7qjWLe9KDI8b.D201we23K4-~A&redirect=

35 B
155 B

766ms
218ms

Image
image/gif

162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JYk04adE2oXTEy0X7qjWLe9KDI8b.D201we23K4-~A&redirect=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
connection: close
content-length: 35
content-type: image/gif

Redirect headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JYk04adE2oXTEy0X7qjWLe9KDI8b.D201we23K4-~A&redirect=
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A8DA 4 KB
744 B 750ms
750ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 20:21:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:10 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A8DA 21 KB
9 KB 871ms
56ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CD14 24 KB
10 KB 821ms
68ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9747ec69ac8a41ea43575bffbbafc1e9b9c37ef2b3147fe45463c68af4189419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10197
x-xss-protection: 0
server: cafe
etag: 389867605470656484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:10 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 981F 70 B
149 B 802ms
60ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&cmcv=&pix=undefined&cb=1700601129940&uv=3358&tms=1700601129940&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a9104d5-d4f1-43e7-aba5-832c78d9cb2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 981F 43 B
426 B 831ms
68ms Image
image/gif 52.213.173.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&cmcv=&pix=undefined&cb=1700601129940&uv=3358&tms=1700601129940&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a9104d5-d4f1-43e7-aba5-832c78d9cb2a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.173.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 981F 0
125 B 772ms
49ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DD91 98 KB
30 KB 773ms
772ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce63f210406f0e725f765e93097b377cc3e92b765871c8ac50f7a793402cd006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30308
x-xss-protection: 0
server: cafe
etag: 492 / 19682 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:10 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
642 B 788ms
57ms Script
application/javascript 18.66.97.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:38 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: qQAeikc8Heyt0O2rQpRLX1SH2C7qHIqw_tTVtTJmEyl20Rbem702ZQ==

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
310 B 539ms
538ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=12261&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 85
date: Tue, 21 Nov 2023 21:12:10 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 68893
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
server: nginx
x-timer: S1700601131.802339,VS0,VE85
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 404 L2EvMzAwZHVvLW1vLXJlbi1kZW5nLWJ1LWRhby1tby1kZS1uYS15dW4tamlhbmctbnUtYmlhby1jYWktemhlbmctZnUtemFuZy1odWEuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
227 B 607ms
606ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvMzAwZHVvLW1vLXJlbi1kZW5nLWJ1LWRhby1tby1kZS1uYS15dW4tamlhbmctbnUtYmlhby1jYWktemhlbmctZnUtemFuZy1odWEuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 20 Nov 2024 21:12:11 GMT
date: Tue, 21 Nov 2023 21:11:04 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 208ms
207ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 21 Nov 2023 21:12:10 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 11064
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1700601131.802503,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4680

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 60 KB
8 KB 80ms
74ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1700031478
date: Tue, 21 Nov 2023 21:12:10 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 01ZE3T7XP57151WV
age: 569589
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700031478
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: k9gB+Y29FuCyJHskv/394eW+LOyrVO+qIGhB9T9SBj9XBZsWz0mtij14fjN8fn2goV1aIx2T/Zg=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Wed, 15 Nov 2023 06:57:59 GMT
server: AmazonS3-br
x-timer: S1700601131.893958,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 638164

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 604 KB
121 KB 71ms
66ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1700031467
date: Tue, 21 Nov 2023 21:12:10 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 01Z2TXEZZ8JF4AVH
age: 569589
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700031468
x-amz-meta-mode: 33188
content-length: 123398
x-amz-id-2: NS2Ow4as7ytlYWEYMfJ1Q7B4SNOr19XVQQpMwKelifcyO9+4eIHJ+x74kkTTgqn0EVOjr+aQJUc=
x-served-by: cache-fra-eddf8230088-FRA
last-modified: Wed, 15 Nov 2023 06:57:49 GMT
server: AmazonS3-br
x-timer: S1700601131.893913,VS0,VE0
etag: "e8023cd27890386539e680dcc790152c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 537000

GET
H2 200 a1551001.js Show response
js.genieessp.com/t/551/001/ Frame E382 9 KB
4 KB 1977ms
1146ms Script
application/javascript 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/551/001/a1551001.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 08:10:59 GMT
server: nginx
etag: W/"65016e93-2598"
content-type: application/javascript
cache-control: max-age=900, private
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Nov 2023 21:27:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E382 202 KB
64 KB 775ms
386ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 53ms
53ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8zMDBkdW8tbW8tcmVuLWRlbmctYnUtZGFvLW1vLWRlLW5hLXl1bi1qaWFuZy1udS1iaWFvLWNhaS16aGVuZy1mdS16YW5nLWh1YS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjliYjNlNGVhLTgzMjctNGU3ZC04MmM5LTYwZGFjZTQ2Y2ZiZCIsInRpbWVPZkF1Y3Rpb24iOjE3MDA2MDExMjk1OTcsImJpZHMiOlt7ImNwbSI6MC4wMjY1MjcsImFkSWQiOiI5NDNmYTUzN2M3ZjEyIiwib3JpZ2luYWxDcG0iOjAuMDI2NTI3LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDI2NTI3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5NTMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjAxMTMwNzg4fSx7ImNwbSI6MC4xNSwiYWRJZCI6Ijk2ZmU2YTU3MzU1Nzg5YyIsIm9yaWdpbmFsQ3BtIjowLjE1LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMTUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjk2NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA2MDExMzA3OTV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijk2ZmU2YTU3MzU1Nzg5YyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxNX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=21921.09999847412
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7986 70 B
148 B 58ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7986 43 B
425 B 67ms
65ms Image
image/gif 52.213.173.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.173.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 7986 43 B
146 B 120ms
26ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 721ms
720ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3192230334715607&correlator=2163364780908010&eid=31079673%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&arp=1&abxe=1&dt=1700601130957&lmt=1700601130&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslHQiSp5IL-t0qSNB2Kz4xptaXTV5CTBtghKrD77YTe9NJZa9DWUgAlU4gWhiSnLc-ZcuPdtqYQ2qRHkrMc_ck&ga_vid=1789578989.1700601129&ga_sid=1700601129&ga_hid=2003581387&ga_fc=true&dlt=1700601128236&idt=1167&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.15%26hb_ap_adid%3D96fe6a57355789c%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=2825066673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9ebab89da695911ec1cd32b8e69fc8244ff7d1bd5a737761b9240166d8a870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13938
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 37ms
36ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8zMDBkdW8tbW8tcmVuLWRlbmctYnUtZGFvLW1vLWRlLW5hLXl1bi1qaWFuZy1udS1iaWFvLWNhaS16aGVuZy1mdS16YW5nLWh1YS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI4Njc5MzNkZi1hZTkyLTRlMDEtODZkMS1jZDc4ZjQwM2M0MTMiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwNjAxMTI5NTYwLCJiaWRzIjpbeyJjcG0iOjAuMTgsImFkSWQiOiI4OTU3MzA1MzdlYjhjNjMiLCJvcmlnaW5hbENwbSI6MC4xOCwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDE3OTk5OTk5OTk5OTk5OTk4LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NjAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjAxMTMwMDMwfSx7ImNwbSI6MC4xOCwiYWRJZCI6IjkwNDdiMmIxNmNmODAzMiIsIm9yaWdpbmFsQ3BtIjowLjE4LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMTc5OTk5OTk5OTk5OTk5OTgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ3OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA2MDExMzAwNDh9LHsiY3BtIjowLjE4LCJhZElkIjoiOTEzYWRiOGU1NGIyYzgyIiwib3JpZ2luYWxDcG0iOjAuMTgsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxNzk5OTk5OTk5OTk5OTk5OCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDc5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDYwMTEzMDA0OX0seyJjcG0iOjAuMTgsImFkSWQiOiI5MmQ3MDJiNTU0ZDc2OWEiLCJvcmlnaW5hbENwbSI6MC4xOCwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDE3OTk5OTk5OTk5OTk5OTk4LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0ODAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjAxMTMwMDUwfSx7ImNwbSI6MC4xNiwiYWRJZCI6IjkzMTQwOWZkZjNhMTYwNSIsIm9yaWdpbmFsQ3BtIjowLjE2LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMTYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ4MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA2MDExMzAwNTB9LHsiY3BtIjowLjA3LCJhZElkIjoiOTc4MWYyYTBlYThjY2M3Iiwib3JpZ2luYWxDcG0iOjAuMDcsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMzgzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDYwMTEzMDk2Nn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODk1NzMwNTM3ZWI4YzYzIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDE3OTk5OTk5OTk5OTk5OTk4fV0sImNvdW50cnkiOiJDSCJ9&c_b=21952
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:10 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 664ms
663ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3192230334715607&correlator=1374658197450023&eid=31079673%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&arp=1&abxe=1&dt=1700601131010&lmt=1700601131&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGslHQiSp5IL-t0qSNB2Kz4xptaXTV5CTBtghKrD77YTe9NJZa9DWUgAlU4gWhiSnLc-ZcuPdtqYQ2qRHkrMc_ck&ga_vid=1789578989.1700601129&ga_sid=1700601129&ga_hid=2003581387&ga_fc=true&dlt=1700601128236&idt=1167&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.18%26hb_ap_adid%3D895730537eb8c63%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=1420297610&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ab6f198035519b266630cb91d7ca984a1c9177d20f44ea929c315c8487a971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13920
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 29ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1804514
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1700601131.059631,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 175758

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.4/ 436 KB
81 KB 26ms
26ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: cb5e127d62c8415f2108e21063b52deaf8a7c8537a2c42f85a679049d24e9ef6

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1700551479
date: Tue, 21 Nov 2023 21:12:11 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GJ0P19SGMH27T9DX
age: 49612
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700551492
x-amz-meta-mode: 33188
content-length: 82907
x-amz-id-2: Z5BXM8KmNtcnZF40VxKfYh2Mk/DWH5EacL8R7ncvP9ze8m2a1KVgenjmU/pJ9OQJCe2ggRh/xWs=
x-served-by: cache-fra-eddf8230088-FRA
last-modified: Tue, 21 Nov 2023 07:24:53 GMT
server: AmazonS3-br
x-timer: S1700601131.084471,VS0,VE0
etag: "323df837503d82d2c53a8ce403875f68"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 80727

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D2DD 422 B
507 B 39ms
39ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e2bcac6ddfc9036bba681d77bdb0fc4f7e73c7e79c46d1d412b8c2d761d14277

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 21 Nov 2023 21:12:11 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 35ms
34ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&cmcv=&pix=31579697&cb=1700601131081&uv=3358&tms=1700601131081&su=3&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-length: 0
server: nginx

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ Frame DD91 431 KB
135 KB 30ms
29ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9534
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 18:33:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CD14 151 KB
52 KB 104ms
103ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-13-227-219-40.ams54.r.cloudfront.net

Software

cafe /

Resource Hash

b76b42544ea79c849eaa7bfd68cb1ac4fa9b32a0a9d64b0c1fa8b281b0502ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52834
x-xss-protection: 0
server: cafe
etag: 13095111733222469253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 43ms
29ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 21 Nov 2023 21:12:11 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 1392223
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1700601131.134647,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 264375

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ED0F 46 KB
13 KB 34ms
33ms Script
text/html 2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4c7dea702fcc7f49a0c9896c80e2c246c179e05c9c59785b003598b5e1a3a9d3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 02:00:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17329
Connection: keep-alive
Content-Length: 13229
Expires: Wed, 22 Nov 2023 02:01:00 GMT

GET
H2 200 pixel;r=272349386;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c...
pixel.quantserve.com/ 35 B
371 B 43ms
34ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=272349386;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1836136052-1700601130177;pbc=936e6eb8-ce7d-409e-89ae-aed002b20933;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700601131120;tzo=-60;ogl=;ses=1289c677-efab-4add-8a7a-11a936f7164e;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 socket.io.min.js Show response
cdn.socket.io/4.5.4/ 43 KB
13 KB 161ms
34ms Script
application/javascript 13.227.219.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.socket.io/4.5.4/socket.io.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 13:22:18 GMT
content-encoding: gzip
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: AMS54-C1
age: 8193338
x-cache: Hit from cloudfront
content-disposition: inline; filename="socket.io.min.js"
server: Vercel
x-vercel-id: fra1::hff6x-1696252938493-701d121ca797
etag: W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: mxBFy_YrPht2uPrG7-gNthri7tj5lniFIo_Hv3vvK38xfQrQoO39fw==

GET
H2 200 prebid.js Show response
cdn.unibotscdn.com/player/prebid/ 502 KB
161 KB 76ms
75ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-677
cdn-cachedat: 11/21/2023 11:20:02
cdn-pullzone: 873945
last-modified: Tue, 21 Nov 2023 11:19:52 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 645
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"655c9258-7d8ab"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 228b31966594bfd43bbfdc8398290f89
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D2DD 70 B
148 B 59ms
58ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D2DD 43 B
425 B 60ms
59ms Image
image/gif 52.213.173.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.173.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame D2DD 43 B
145 B 38ms
37ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 40ms
39ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

895d956fae8f66da338de0b8112525ee7cd4f7a2b025dc1915dec46e4a549536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:11 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 159ms
159ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 29ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:11 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 971
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1700601131.190265,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 75
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6767

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 29ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Nov 2023 21:12:11 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 14974
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1700601131.190392,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 22251

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame ED0F 7 B
766 B 122ms
26ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD91 492 B
564 B 65ms
65ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=383316238199068&correlator=951993069210716&eid=31078987%2C31079660%2C31079695&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700601131217&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=e3oazczde382&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qM72Z6q7bg2BzHcogp4scTSgk8cqUA9YLMeeOKO0joR1PBP7ssFnBfAgb8-ewNg8wbeZ3F16gwuMW4Q33D8BmoTcBRi3cRQS5ELDPD-1ERYpYmJpd1-4JYAkuaLZ1u2zl0TJCMoJtV_Uv6QFUWuaI4xu6J_ypHi1cBYjXxZf07PyZBeWlM&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=660841828.1700601131&ga_sid=1700601131&ga_hid=1267354913&ga_fc=false&dlt=1700601130167&idt=1022&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0835f559d0f2f84ac96efb09779c504b34f0ddca9c27818e839f1987ce36194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD91 16 KB
12 KB 819ms
73ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

110e207ce394e9e8ea57fe9388f025a4a200e8ebdeccd99cb47a15c32c6b69e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12336
x-xss-protection: 0

GET
H2 200 container.html Show response
f39c72388c82b7ecb075dcac81b671fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91E3 6 KB
3 KB 74ms
34ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f39c72388c82b7ecb075dcac81b671fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:11 GMT
expires: Wed, 20 Nov 2024 21:12:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 29ms
27ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230088-FRA
date: Tue, 21 Nov 2023 21:12:11 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame CD14 397 KB
134 KB 392ms
392ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d26306d0240b4b8d05a271368cd0db01bf647a518ded0c8c7394eed97ce58fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137248
x-xss-protection: 0
server: cafe
etag: 12204827010449188375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1105 9 KB
4 KB 511ms
36ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 48706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:40:25 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 07:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 724ms
121ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=c6a132d5-209b-48e3-8ab4-d0704fb1861e-tuctc56a2a8&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 21:12:11 GMT
cache-control: no-store
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 347ms
346ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700601128264&gcd=11l1l1l1l1&dma=0&cid=1789578989.1700601129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700601131&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&dt=300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%20%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=22341
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP8U06J4-1T-IVXA
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP8U06J4-1T-IVXA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

610ms
609ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date: Tue, 21 Nov 2023 21:12:12 GMT
connection: close
content-length: 111
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 117 B
273 B 428ms
59ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: f74d579c01ecadd838a399555d90654644fc4bd34bd10dcc07e8338dfa9eedd1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 21 Nov 2023 21:12:11 GMT
Content-Length: 117
Content-Type: application/json; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LP8U06J4-1T-IVXA&ex=d-rubiconproject.com&status=ok

43 B
479 B

315ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LP8U06J4-1T-IVXA&ex=d-rubiconproject.com&status=ok

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TK9K26Y9SM1VGYTQZRH5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LP8U06J4-1T-IVXA&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame ED0F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r7bE1_lrSrGpLRpu4pNPdA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r7bE1_lrSrGpLRpu4pNPdA

43 B
479 B

57ms
56ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r7bE1_lrSrGpLRpu4pNPdA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S3NC7A0B8J14KYTKHZ07
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r7bE1_lrSrGpLRpu4pNPdA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ED0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkEIEjUj5EbhqF4MuyIMyA&google_cver=1

42 B
679 B

29ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkEIEjUj5EbhqF4MuyIMyA&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkEIEjUj5EbhqF4MuyIMyA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ED0F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/nT7OxRsKsY2FpOnApTXxKMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-w1hyGvFE2oLWlpb1rGJAc0bIS3sqoUH2zonSRA--~A

42 B
679 B

34ms
34ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-w1hyGvFE2oLWlpb1rGJAc0bIS3sqoUH2zonSRA--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-w1hyGvFE2oLWlpb1rGJAc0bIS3sqoUH2zonSRA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame ED0F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XqYJKHvuT9-udtXHZdZXhw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XqYJKHvuT9-udtXHZdZXhw

43 B
479 B

145ms
144ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XqYJKHvuT9-udtXHZdZXhw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3K6734C57K48QSM9QEQV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XqYJKHvuT9-udtXHZdZXhw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame ED0F 70 B
148 B 241ms
239ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

setuid
px.ads.linkedin.com/ Frame ED0F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP8U06J4-1T-IVXA

0
645 B

1040ms
667ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP8U06J4-1T-IVXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D2DC14DE29764010AAEB637CD4A7164E Ref B: ZRHEDGE1208 Ref C: 2023-11-21T21:12:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKsA5lDxC2m9lTTJlKxA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP8U06J4-1T-IVXA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED0F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzYmQxNmY3NGI2ZTBmYmQzOGIyNDgxYjY1ZjUwMTdmZWRiMWRlMg

170 B
243 B

95ms
92ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzYmQxNmY3NGI2ZTBmYmQzOGIyNDgxYjY1ZjUwMTdmZWRiMWRlMg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzYmQxNmY3NGI2ZTBmYmQzOGIyNDgxYjY1ZjUwMTdmZWRiMWRlMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED0F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA4VTA2SjQtMVQtSVZYQQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENoOFFe-fsPSWEGpZVVklNg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA4VTA2SjQtMVQtSVZYQQ==&google_push=

170 B
232 B

36ms
36ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA4VTA2SjQtMVQtSVZYQQ==&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA4VTA2SjQtMVQtSVZYQQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ED0F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD-DU7KujoAABPF0Mc8hw&expires=30

42 B
679 B

29ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD-DU7KujoAABPF0Mc8hw&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD-DU7KujoAABPF0Mc8hw&expires=30
Date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ED0F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9f2eefbc-d741-4e7b-8269-d799c9b6b93e&expires=30

42 B
679 B

64ms
63ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9f2eefbc-d741-4e7b-8269-d799c9b6b93e&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9f2eefbc-d741-4e7b-8269-d799c9b6b93e&expires=30
Date: Tue, 21 Nov 2023 21:12:12 GMT
Connection: keep-alive
X-CI-RTID: 3c8221df-f9f6-463c-b5f8-c6932d0a4d42
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP8U06J4-1T-IVXA

0
527 B

1075ms
48ms

Image
text/html

13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP8U06J4-1T-IVXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WScskQ8XNOWUSFT08OOk8RqLvjXEhDLkVpQZUFZ8oMaWwGq2TM2txg==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LP8U06J4-1T-IVXA

0
311 B

122ms
35ms

Image
text/plain

216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LP8U06J4-1T-IVXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: HTTP/1.1
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:12 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2

204

v1
match.sharethrough.com/sync/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP8U06J4-1T-IVXA

0
35 B

96ms
27ms

Image
text/plain

52.59.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP8U06J4-1T-IVXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LP8U06J4-1T-IVXA

0
131 B

31ms
30ms

Image
text/plain

145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LP8U06J4-1T-IVXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame ED0F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

112ms
104ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 829bedf8cc2b24c0-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 21 Nov 2023 21:12:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LP8U06J4-1T-IVXA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 829bedf44fac24c0-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame B612 196 KB
55 KB 43ms
28ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 412454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B612 15 KB
5 KB 47ms
34ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 08:33:14 GMT
age: 304737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B612 95 KB
29 KB 48ms
35ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 407939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B612 5 KB
2 KB 58ms
45ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 417459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B612 40 KB
13 KB 58ms
47ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 454659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B612 4 KB
728 B 49ms
38ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B612 4 KB
751 B 46ms
37ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 20:48:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B612 3 KB
3 KB 34ms
26ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:50:33 GMT
x-content-type-options: nosniff
server: cafe
age: 1298
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Wed, 22 Nov 2023 20:50:33 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B612 344 B
474 B 31ms
25ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 51230
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 22 Nov 2023 06:58:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15119106079495701663/ Frame B612 9 KB
10 KB 119ms
114ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15119106079495701663/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIpgEQVxgBIAEtAAAAPzCoAThXRQAAgD8&rs=AOga4qlQQqiN0AJ4Gl8kllMFjRyiHqEqJw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cf92141ff869509977d08a1438c44c2b8c1db5838f68f2d024ea0b2a39fefba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9613
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:32:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 21:12:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10770833847831052884/ Frame B612 21 KB
21 KB 198ms
193ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10770833847831052884/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmRWwZQkyytj5A329moAYQzfTe9Jw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8ef6fa0676c5a8bb44d147905994fbc6b9e3bff0a2cc27cd2d7c98c774e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21521
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:22:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 21:12:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B612 0
0 413ms
38ms Image
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxQMhnaMTld2lZBtoXJFgaCKpmmE018n_Piyxo06GWj5q9cY-otaXCTuH3J9UnoVbPy98wbMQb3GFf8_QKM947hEGmNw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 148ms
148ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772 Show response
a.teads.tv/hb/ad/ Frame 9A68 4 KB
3 KB 104ms
103ms Script
application/javascript 88.221.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/ad/73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d69942c18af43e6fff6dd98cf38092aea4b97044f3c50ca6ef33d2d775c1b5d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2481
expires: Tue, 21 Nov 2023 21:12:11 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 198ms
197ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 40ms
39ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8zMDBkdW8tbW8tcmVuLWRlbmctYnUtZGFvLW1vLWRlLW5hLXl1bi1qaWFuZy1udS1iaWFvLWNhaS16aGVuZy1mdS16YW5nLWh1YS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWNkNGZiMDktMWU4Ny00N2I3LWI5NzUtNjJhMmUzYTgwZGM2IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDE3OTk5OTk5OTk5OTk5OTk4LCJyZXNwb25zZVRpbWUiOjQ4MCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDE3OTk5OTk5OTk5OTk5OTk4LCJ3aW5uZXJBZFVuaXRJZCI6IjkyZDcwMmI1NTRkNzY5YSIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjcyOHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6Ijg2NzkzM2RmLWFlOTItNGUwMS04NmQxLWNkNzhmNDAzYzQxMyIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=22781
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:11 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
DATA 200
OK truncated
/ Frame B612 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ede9a856ec768f733b677c720abb493c18dec53ca73e6663dc51c89411b6d7cd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 8B9F 196 KB
55 KB 98ms
85ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 412454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 8B9F 15 KB
5 KB 99ms
87ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 08:33:14 GMT
age: 304737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 8B9F 95 KB
28 KB 101ms
89ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 407939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 8B9F 5 KB
2 KB 102ms
90ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 417459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 8B9F 40 KB
13 KB 103ms
91ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 454659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B9F 4 KB
705 B 103ms
92ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B9F 4 KB
728 B 105ms
94ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:09:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:12:11 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B9F 3 KB
3 KB 95ms
84ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:50:33 GMT
x-content-type-options: nosniff
server: cafe
age: 1298
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Wed, 22 Nov 2023 20:50:33 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B9F 344 B
402 B 95ms
85ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 51230
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 22 Nov 2023 06:58:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18306979805473294712/ Frame 8B9F 6 KB
6 KB 132ms
122ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18306979805473294712/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIpgEQVxgBIAEtAAAAPzCoAThXRQAAgD8&rs=AOga4qm5d1RXfPcZRBaIoEu1gj24nYQusg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30ce4ebcf7a643c24e6d30e35075d65b1d78187ac67d89b5e97247948f91510d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6120
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:31:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 21:12:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4648877128998692211/ Frame 8B9F 15 KB
16 KB 1047ms
1038ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4648877128998692211/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qk9C4Xv28GWdH0pRp0rv_xFoYDerw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e8ec76e0664577097dcd40e43e80409c95216abbf238ef7bb95fa2a4d8bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15784
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:31:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 21:12:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B9F 0
0 366ms
39ms Image
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSKgujqlDKwswGd3pkD_KZ4rY9LHC9-YsenE7whV65Kz5Hcch0J7R6jVjsO_NhVV9W4CT6FItBBdxk9FMUMzb-FOU7jg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8B9F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fb4264af305aa8a7a69ec12b50b7f47ff088e6ee9f092ae7bd841830a03dda8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 975B 25 KB
12 KB 996ms
995ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700601131&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700601131106&bpp=176&bdt=1626&idt=762&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&correlator=1806266950790&frm=23&ife=1&pv=2&ga_vid=1789578989.1700601129&ga_sid=1700601132&ga_hid=2087623369&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2444&biw=1600&bih=1200&isw=336&ish=280&ifk=681266864&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809056%2C31079653&oid=2&pvsid=3671286886322135&tmod=1808380577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3ipqycniws4s&btvi=1&fsb=1&dtd=775

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07b5fa4f5b4523bd3174278d45f6f1bcc47423bbdf053d397fc7c3a98de34bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B612 15 KB
16 KB 989ms
606ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 286503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 13:37:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B612 16 KB
16 KB 995ms
614ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:19:37 GMT
x-content-type-options: nosniff
age: 305555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:19:37 GMT

GET
H2 200 bg3.co_1695642730139.js Show response
cdn.unibotscdn.com/clientdata/js/ 667 B
848 B 40ms
39ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-662
cdn-cachedat: 09/26/2023 10:16:02
cdn-pullzone: 873945
last-modified: Tue, 26 Sep 2023 10:14:53 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6512af1d-29b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 776f9b3aaeca2c3381abb9b537650020
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 37ms
36ms Stylesheet
text/css 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-662
cdn-cachedat: 10/31/2023 18:50:59
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: a198a4f0e72bd93964218e4f1f3b8a1b
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 38ms
37ms Stylesheet
text/css 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-167
cdn-cachedat: 10/31/2023 19:01:06
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: e4e0fda0d7e519fdd15131f34f9a2f12
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 39ms
38ms Stylesheet
text/css 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-677
cdn-cachedat: 11/10/2023 21:11:01
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: b9a5d95868fb530e7c955bea0d031268
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 440 B
977 B 38ms
38ms Stylesheet
text/css 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-382
cdn-cachedat: 11/05/2023 20:42:32
cdn-pullzone: 873945
last-modified: Sun, 05 Nov 2023 20:34:22 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 374
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6547fc4e-1b8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 6e638f48d85cb72fe442484c854435b5
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 5 KB
2 KB 75ms
75ms Stylesheet
text/css 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:11 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-677
cdn-cachedat: 11/05/2023 14:34:02
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 05:21:29 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e83a59-1333"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 1f419395d86433f768600d9d5b4ce36e
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 1018ms
73ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Tue, 21 Nov 2023 21:12:12 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B612
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

38ms
38ms

Image
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 21 Nov 2023 21:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B9F 15 KB
15 KB 870ms
619ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 286503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 13:37:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B9F 16 KB
16 KB 866ms
616ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:19:37 GMT
x-content-type-options: nosniff
age: 305555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:19:37 GMT

GET
H2 200 native.js Show response
a.teads.tv/media/flavors/ Frame 9A68 98 KB
24 KB 39ms
38ms Script
text/javascript 88.221.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/flavors/native.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7b7d12c5593d1774f46f259bf762b094cd21c7ac0c07689e68091cc93d6b6c6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 13:33:27 GMT
x-amz-request-id: QDECENTNGP090MKV
etag: "3cc3419a088afa5744b9ffc42da7ab7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 5
accept-ranges: bytes
content-length: 24641
x-amz-id-2: Q9NEKlAEWK0VBsFWNMDgDemIOL5A3jfJq+QPOFPg8otVKOr4e1wQB26IByVXXlekKwrN1ptky0U=
expires: Tue, 21 Nov 2023 21:42:12 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8B9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

46ms
46ms

Image
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 21 Nov 2023 21:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD91 17 KB
7 KB 58ms
58ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:12:12 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B612 0
0 69ms
68ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClJ5zKx1dZY7xA5z7x_APrdiEiASt8o_6csivprCQEvrr0uCyARABILqEwDNg9bWxgfwDoAHAs53yAsgBBqkCuzxGla_-sj7gAgCoAwHIAwqqBIIDT9CHUhYF79A1Wayc5wKAqkgGZHgzWUZpfeCbpff5NNNNn0rxPQzqz0j4LdL9I-n2tTTXwC_GdNskWz4ApTMDMImFszZKxY8DNFqQwDWP9sALlOA_d-eJvCnOIZbBxdMN5V4tRBuE1nQ5g2rBCRBvi-diult7IFFW3YUrYvQJBhmRSb_4yZj1ybUqRBNETs3XRMBLc_5xtGRbRH2GARuVnehQsWgV8YP1fkSPUUiTZv7u8pulkAw97RcphfasrLsIdj8kxfCBH7hf0McyJKzV6j_TuXAJr2fAEzDo0e8TuUXikzZylSpsQ8RRysWzI1QNOSFfFkqSMRGgqv1w_57JEJUcO2f_8gGDLIjqoNSzOfud2LATWL_QNChtH5lOGq6dchjdDy-lj7F4DHHXkhgf1qMkzeT-lFoxPKKNmQzF0ruWjOmaKCHQhIawxAuNvVd8Io2W64n_-XpmxnLjf76kWBpcmAgPrnh04WJGNPtpBOhD-jO7tpDihyXddypKMwvcRd_ABNu-tYbOBOAEAYgFr_2tpkygBjeAB6jM4o0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQyoAO0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCWxodHRwczovL3d3dy5sb2thbGJhbmsuY2gvdWViZXItdW5zL2xlcm5lbi1zaWUtdW5zLWtlbm5lbi9sb2thbGJhbmtlci1nYW56LXByaXZhdD91dG1fc291cmNlPXZhbml0eS11cmwjc3RhcnSACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxDghs27noSJ18UBEgIBA-INEwjt5sfygNaCAxWc_REIHS0sAUHYEwOIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=Lfzvd0lDO2E&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNMjQXAA0GKAzHb1SrROxfaBBat0IKswtCdhP7k_s1PDaZtOzilY1qBmnmjZElrp1LNMb2ZOyEixgB&template_id=492&cbvp=2
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 985ms
48ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:12:13 GMT

GET
H2 200 track
t2.teads.tv/ Frame 9A68 23 B
134 B 762ms
659ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=5976b637-ddbb-4b74-92fe-820771531737&pfid=68&env=js-web&ut=1&cid=1027191&gid=973884&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=bdNzGZckgc1dWI9ODm16aN-4&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=973884&dsp_creative_id=1027191&fms=9&p=2y2LYOTbmJ7cq55eXB4K3U6pUdBIrJQ5YB774XsjyWeXnQ&cts=1700601129826&cs=183332644510244819805&1700601129825=&slot=native&fv=1290&ts=1700601132110&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 9A68 23 B
134 B 762ms
651ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adReceived&env=js-web&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pageId=154680&pid=169092&hb_provider=prebid&vid=5976b637-ddbb-4b74-92fe-820771531737&pfid=68&f=1&slot=native&fv=1290&ts=1700601132110&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 nurl Show response
a.teads.tv/be-ms/ Frame 9A68 9 KB
9 KB 62ms
62ms Fetch
application/json 88.221.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/be-ms/nurl?payload=GISpCiD32D4ovLg7MkoJAAAAAAANMz8hzczMzMzM5D8o5LDRvA0yGyoZChUI2uANEgNVU0QaCmltcHJlc3Npb24YATjw9RtYBWDw9RtwzYw-ePWVQJgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFkCAUQ9AUYs08g_FMqBDQwNTcw____________AToGbW9iaWxlQhNzd2lzc2NvbSBzY2h3ZWl6IGFnSghzd2lzc2NvbVINZXVyb3BlL3p1cmljaFoHYmFzaWxlYWIHc2Nod2VpepoBCnd3dy5iZzMuY2-gAQKoAQO4Ac83wgEGcHJlYmlk4AEB-gEyEi4KFQjontWd196iwnMQzuWH5tPSrNCgARIVCImTsePyhtDfBBDy7tiT3KGJnbkBGACAArXW552_MYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIZChUI9Jbt7f3GrbtZELeuzIr3wKD_kgEgANgCAOACAPECAAAAAAAA8D_4AgGAAwCiA2RodHRwczovL3d3dy5iZzMuY28vYS8zMDBkdW8tbW8tcmVuLWRlbmctYnUtZGFvLW1vLWRlLW5hLXl1bi1qaWFuZy1udS1iaWFvLWNhaS16aGVuZy1mdS16YW5nLWh1YS5odG1sqAMAsgMCY2i6AwZDaHJvbWXAA1nIAwDQAwDqAycKBwgAEAEY_wESBAgCEAEaBAgEEAAiBAgDEAAqBAgFEAAyBAgBEADyAw8xNzguMjM4LjE3NC4xOTb4AwKABAA=&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=aH5EEeTyUFMTk-SfscOVZm29VXhJ4QjHZYpdYdlLDozxUw&psid=415253&checksum=1700113898
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c92f51db84945a8ed43379d0d8c02a94963ad00118fd1b43444bd573f3c60dd3

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:12 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length: 9167
expires: Tue, 21 Nov 2023 21:12:12 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BB7 13 KB
5 KB 37ms
35ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 12419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 17:45:13 GMT
expires: Wed, 20 Nov 2024 17:45:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3923 829 B
1 KB 73ms
40ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

2c29f0d1e9a78a7696335c94da0572f6028034f2d0a946b1e634548af7120c5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OyxuQY3iit7YsVz06RZJdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OyxuQY3iit7YsVz06RZJdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:12 GMT
expires: Tue, 21 Nov 2023 21:12:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 track
t.teads.tv/ Frame 9A68 23 B
134 B 746ms
652ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&vid=5976b637-ddbb-4b74-92fe-820771531737&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=973884&sid=174681&brid=7119&cid=1027191&rpm_reason=3&ut=1&p=hOKdd5eoAZS06-DyKpkxk1zf__948zbzNWG8iff08wBxXyj3vuwGXSDKem0SBEnJfmk&cts=1700601129826&cs=-564965808710108982305&slot=native&fv=1290&ts=1700601132127&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BB7 39 KB
15 KB 27ms
27ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H2 200 iframe Show response
sync.teads.tv/ Frame 1BFE 2 KB
1 KB 793ms
83ms Document
text/html 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 90088d56f5b6966b2adb1f88f8eb14d0f1791d23199ca5e4fd0a5faa869565e9

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 723
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:12 GMT
expires: Tue, 21 Nov 2023 21:12:12 GMT
pragma: no-cache
server: pekko-http/1.0.0
vary: Accept-Encoding

GET
H2 200 track
t.teads.tv/ Frame 9A68 23 B
134 B 699ms
656ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adAvailable-success&gid=973884&sid=174681&env=js-web&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pageId=154680&pid=169092&hb_provider=prebid&vid=5976b637-ddbb-4b74-92fe-820771531737&pfid=68&f=1&slot=native&fv=1290&ts=1700601132178&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 performance-image-dco-a379f68e-b336-4c8a-88c1-d03d2f45e2b0.jpg
s8t.teads.tv/creative-185a10b0-df8a-11ed-a497-d5745f81ca65/ Frame 1D04 191 KB
192 KB 912ms
70ms Image
image/jpeg 23.43.61.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/creative-185a10b0-df8a-11ed-a497-d5745f81ca65/performance-image-dco-a379f68e-b336-4c8a-88c1-d03d2f45e2b0.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.61.33 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-61-33.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b28bc6c423d5155028378ba70d1b116f3b9959244d59e25223a924fef6167532

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
x-amz-request-id: 1FPEJHT1VBFXBA9Q
x-amz-server-side-encryption: AES256
content-length: 196020
x-amz-id-2: Au/wyJ5q1Rmz4Ct9iRYkC2EcwbSsU6evMqhgurGDH/ckYmN4FQTFCNIRwMxwk6LNt7u+JrYF1m8=
last-modified: Thu, 20 Apr 2023 14:47:06 GMT
server: AmazonS3
etag: "e21af69c0cc6cd3a905ac5d57c547109"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type
access-control-allow-origin: *
cache-control: max-age=31540000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 20 Nov 2024 22:18:53 GMT

GET
H2 200 track
t2.teads.tv/ Frame 9A68 23 B
134 B 670ms
658ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.teads.tv/track?action=impression&vid=5976b637-ddbb-4b74-92fe-820771531737&gid=973884&studio_cid=185a10b0-df8a-11ed-a497-d5745f81ca65&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700601132141&cid=1027191&pid=169092&erevenue=69ZQSSXOy7WPlWKmu8s2CMoF&erevenue_curr=CHF&fms=9&p=yUjfD7MZSzdOZyIuLL97Bb-OLj9zpzuixuVLaVCTAiCCBoJR11nc5WB92GdD6IXpAsl1eZHWMgsyd7zE9ijiT-mr3h64BnW96W0c3-BE6US5xAXZlKHbBybEufzHoqsnwOpkkMpM4Fj6Zf0cwMiOTy0GL8G0AzxfKFxQQiQxFzripPYGnA2N4H6jat5qhWPNREw47ABdas883PO9k8_bhPEcPxECUGCR00bfO9LRBDK5gtshS2Q1yNPAHXewJKpBDnzw3hPCjMQxvuYD0hSjTW2IjTAzg6f7R9r5by_zkjn4carI3-FfJDoCklePGagZnJ4Yer8t2oIU8c6ACrrAfVl9gRM8totmHmPdw4wfYl_PRg&cs=224926520840054593905&slot=native&fv=1290&ts=1700601132192&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 1D04 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3923 0
0 637ms
636ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=383316238199068&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 8BB7 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD91 0
0 149ms
148ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=383316238199068&bg=!qqmlqebNAAZxrfrxUa07ADQBe5WfOMQaV1v2E_aeRscpjw4Ad30phDbux0HIA4FfSJI-3aBgKNfBLmbYWu_hGgLYl7qMAgAAAF5SAAAABGgBBwoAbdEbMJh_acpQyOniaU8jk5PttPbJ8oh0sFA_o1hwxLt-ofyg6kFZUza1b9sFJUDdOMegIMfIn53Xx6Nk96akGhDwL7PTUlCMbF5qQ_iVtty_9oWKoeHcEJGUhf1yyXwVvqc3X904Ce7L61ZZgNmZAs8an36iZxngFPGvVWWeIxRg6-EzAYfhGwiW5hTH5XySC4c3EtOAWGN7EnV6VpvySJglArTTVNtlPpmJwItvRAoz95a75-H3VPFaniVO_97rByLwlU-fLsWe4WFrdcwr_RmrWUuNm-M_PrSr46KGHGpGDkDidfQoDrESf-vj7iZl0Ilz-tK5h-3I_fQZiH-jb4WF8RMPHo-Vu0wJsdBjZXEhInvWm-UT3RvRIOYinRFQRkPXysZKYGsWEmvyB6pcZrscy8_mac-ze2gR1ng5HmEjghuWQLPq_ZqD_wJWiyiPtDXTcXsdDAyaqIgRpbAkaTbZhgabi8tFDeC3TWCCaGcDgyWrGaF_L3L6oOu0YbZ0AVssR5xbjZblMTN-Tg3aGsajgZJZHlsga_zGfe7KR0FGYG9uVrEOtDAjcEza1Y1Pa1af96r4kJL_WwbxwO5OEPt9k0I7HuJhRMakwQUVjEAUaH1GLVu3bkqdPWUBaxNgEQc0Q5dqL_dmIiAXOn4lRj9UzqMa-jSN64YTef37tdP3tXfGNOrnK8cM-sG91BAhENvchrPooN1kLXs60mlwCRwhXoH3TicKkDsvfl3-5aEyhVvLK1I9X89pPxbWom34dZ2jnIu7uJdI7IeAETMAtlgkoJi9HgRDbuzfST4b13Pwzvdg448dwWNxFA-R9PHhZjsx_Sk4AUmbx_gb1AZ0JOf9G20thLOHEEkgDr0OZQPuoc9FK3N8nBVWRcc6sqAU3k3i18CUP5nmjXTCC_384j5ljtsRZrGDllk4KMA3cJkqrFbTiMf-ku5_FG6q5xe0_KWiv1_w9zY9aRCstNT1poEMHyXXSnMQvht8RrceDlJUPGXvrMTuaXKzJyFSImOfi-RkxSc41lIOWdSWAj-dsDuYKFf7OB_KsyQ_xE_FhCq9pWQdrTWQOiOSOt-J9Wn0F5g2mj7V5jHHtW11ocknuA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 jsk Show response
ialaddin.genieesspv.jp/yie/ld/ Frame E382 9 KB
4 KB 1193ms
539ms Script
text/javascript 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=12512176811&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&sw=1200&sh=1600&topframe=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: b0ffb4dfd389ecc6b37714eeb9dfa1811992d38cffc18db60e8f003dc4cce630

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame E382 633 B
597 B 498ms
40ms Script
text/javascript 2.22.242.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by: Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.169 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"
content-type: text/javascript
cache-control: private, max-age=14400
content-length: 445
expires: Wed, 22 Nov 2023 01:12:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975B 42 B
110 B 86ms
84ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLdRSG9-N9PEFCzSG1I5XPMtg0L7q9GxS5HxrGOIdd8mAEw50PQZxLIbNXgapo2jwxSCgtQz_f7wCILfzdF3i7s7iQWS6SdygEv6t8Dc88ZgtS36s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700601131&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700601131106&bpp=176&bdt=1626&idt=762&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&correlator=1806266950790&frm=23&ife=1&pv=2&ga_vid=1789578989.1700601129&ga_sid=1700601132&ga_hid=2087623369&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2444&biw=1600&bih=1200&isw=336&ish=280&ifk=681266864&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809056%2C31079653&oid=2&pvsid=3671286886322135&tmod=1808380577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3ipqycniws4s&btvi=1&fsb=1&dtd=775

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975B 0
64 B 85ms
84ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2788183184196237280&x=1&ct=76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 975B 92 KB
32 KB 125ms
125ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 975B 3 KB
1 KB 39ms
37ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:38:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 975B 20 KB
8 KB 47ms
46ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 975B 0
0 50ms
47ms Image
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmonsEaK_aI7AImHAVmR496wjgvzA9iZeVQfd1PNOjh_x-HE3heM1kfozmXgyCa_esYkqJkeT7EFwQj4R5nu_PTk3IMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700601131&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700601131106&bpp=176&bdt=1626&idt=762&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&correlator=1806266950790&frm=23&ife=1&pv=2&ga_vid=1789578989.1700601129&ga_sid=1700601132&ga_hid=2087623369&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2444&biw=1600&bih=1200&isw=336&ish=280&ifk=681266864&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809056%2C31079653&oid=2&pvsid=3671286886322135&tmod=1808380577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3ipqycniws4s&btvi=1&fsb=1&dtd=775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 975B 202 KB
64 KB 76ms
74ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:12:12 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0552 478 B
242 B 71ms
70ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXqpkv4RNbNXLkewOaclaPOFeUc7fbMCySVGOn2eeJkSEMdGpEr3xKmzsKbZuO2Qbmv8a_HDpCpsXeahLIFNtPqjHf9dw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700601131&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700601131106&bpp=176&bdt=1626&idt=762&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&correlator=1806266950790&frm=23&ife=1&pv=2&ga_vid=1789578989.1700601129&ga_sid=1700601132&ga_hid=2087623369&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2444&biw=1600&bih=1200&isw=336&ish=280&ifk=681266864&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809056%2C31079653&oid=2&pvsid=3671286886322135&tmod=1808380577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3ipqycniws4s&btvi=1&fsb=1&dtd=775
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8B9F 0
0 86ms
85ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRItKKx1dZbqHAau3x_AP_LKPkAyt8o_6cqOB5pTrEbnu8MiqARABILqEwDNg9bWxgfwDoAHAs53yAsgBBqkCuzxGla_-sj7gAgCoAwHIAwqqBIcDT9C8gORvuXWrsK2v9uCFmPzLriJblm72j-dy5BgaVzWRzdMSEtmVdpQ99g3RxGWIPmNX2N-BkRjAYYQyehe70R5daqr2KNdN5Dk_d7zHzKO_anNMl-dK_8NdxgcbJ_JVinbu2N9q1Q78EJVuDN-U8WANVlMo8ZALRRHCvg-y7JwGltFfylD6tDCzgut5tjJdnk_VSZYwZQXrrNxdqU861SvVyWTxNuk2OGHv4RG_qlhBxnWkAZoMog_s4oModkuZLKw-gh9UGLHCza5V6jZisTOo5TjNzQ_AaIfOLPg0tWnqRj6w7lUzDnvWP0lgdIXkBln02OZ0HTJ1DL56no5buDD57b1UTzFw3UdCaT5VI4561XacFflumwcqdo00Utly5HJVTdgE886EVC4Sd-_C7jeXZJ1Dn4CUyeycBOWT-lbBKqhZUdMKM_VkFqSaQEtrPzkJX4ElSypWqo6Z8A02HG8Q4Z5IlCF-0J4kouuIqgMYbeFBamq18sOL-udBY-6raTgNjgd8ScAEueH657AE4AQBiAWv_a2mTKAGN4AHqMzijQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDFjRDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJbGh0dHBzOi8vd3d3Lmxva2FsYmFuay5jaC91ZWJlci11bnMvbGVybmVuLXNpZS11bnMta2VubmVuL2xva2FsYmFua2VyLWdhbnotcHJpdmF0P3V0bV9zb3VyY2U9dmFuaXR5LXVybCNzdGFydIAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEIDp9_iZwbqhHhICAQPiDRMI0ezE8oDWggMVq9sRCB182QPC2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=2UjUWzga0VM&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNMGQQIx4K9TQEDZVIOMHkjPJxtG3X53oafho1-BYT_1T0ruGZmct9PY3g6l2RgaHKNiLTPEJNuxgB&template_id=492&cbvp=2
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BFE
Redirect Chain

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1

170 B
188 B

68ms
67ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1

Requested by

Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1BFE 70 B
148 B 60ms
51ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1700601132940
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

um
sync.teads.tv/ Frame 1BFE
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700601132940
https://sync.teads.tv/um?fp=1&eid=80&uid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0

23 B
163 B

76ms
75ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?fp=1&eid=80&uid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 21:12:13 GMT
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:12 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.teads.tv/um?fp=1&eid=80&uid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 993719
content-length: 0
expires: Tue, 21 Nov 2023 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 1BFE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/teads/2585a248-801d-49da-a20f-2667b2aa3225?gdpr=0&_t=1700601132940
https://sync.teads.tv/um?eid=132&uid=y-tE0gtcxE2oQoluxTHLrlOY.ObvXqKaUdpPA-~A

23 B
163 B

59ms
58ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=132&uid=y-tE0gtcxE2oQoluxTHLrlOY.ObvXqKaUdpPA-~A
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 21:12:13 GMT
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

date: Tue, 21 Nov 2023 21:12:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.teads.tv/um?eid=132&uid=y-tE0gtcxE2oQoluxTHLrlOY.ObvXqKaUdpPA-~A
content-length: 0

GET
H2 204 /
loadm.exelator.com/load/ Frame 1BFE 0
324 B 231ms
48ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=2585a248-801d-49da-a20f-2667b2aa3225_eu_ch&_t=1700601132940
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 44858
tags.bluekai.com/site/ Frame 1BFE 62 B
483 B 314ms
189ms Image
image/gif 2.19.104.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/44858?id=2585a248-801d-49da-a20f-2667b2aa3225_eu_ch&limit=1&_t=1700601132940
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.104.189 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 21 Nov 2023 21:12:13 GMT
content-length: 62
content-type: image/gif

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 1BFE
Redirect Chain

https://idsync.rlcdn.com/474599.gif?partner_uid=2585a248-801d-49da-a20f-2667b2aa3225_ch&_t=1700601132940
https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzI1ODVhMjQ4LTgwMWQtNDlkYS1hMjBmLTI2NjdiMmFhMzIyNV9jaBAAGg0Irbr0qgYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECC1TgqsvQVu5FKNp6KG2H4&google_cver=1

42 B
60 B

36ms
36ms

Image
image/gif

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECC1TgqsvQVu5FKNp6KG2H4&google_cver=1
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECC1TgqsvQVu5FKNp6KG2H4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 1BFE 43 B
502 B 203ms
48ms Image
image/gif 52.213.93.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=2585a248-801d-49da-a20f-2667b2aa3225_ch&_tid=2585a248-801d-49da-a20f-2667b2aa3225&_t=1700601132940
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.93.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1BFE 0
337 B 179ms
48ms Image
text/plain 34.247.45.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=2585a248-801d-49da-a20f-2667b2aa3225_ch&_t=1700601132940
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.45.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-45-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1700601133
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

usersync
sync.springserve.com/ Frame 1BFE
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=170060113...
https://sync.springserve.com/usersync?aid=1000024&uuid=2585a248-801d-49da-a20f-2667b2aa3225

43 B
206 B

194ms
56ms

Image
image/gif

52.210.129.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000024&uuid=2585a248-801d-49da-a20f-2667b2aa3225
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Server: 52.210.129.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-101.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 21:12:13 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://sync.springserve.com/usersync?aid=1000024&uuid=2585a248-801d-49da-a20f-2667b2aa3225
cache-control: max-age=0, no-cache, no-store
content-length: 164
expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 1BFE
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=2585a248-801d-49da-a20f-2667b2aa3225&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjU4NWEyNDgtODAxZC00OWRhLWEyMGYtMjY2N2IyYWEzMjI1
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

23 B
163 B

94ms
93ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&viewerId=5976b637-ddbb-4b74-92fe-820771531737
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 21:12:13 GMT
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 0552 170 B
188 B 48ms
47ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXqpkv4RNbNXLkewOaclaPOFeUc7fbMCySVGOn2eeJkSEMdGpEr3xKmzsKbZuO2Qbmv8a_HDpCpsXeahLIFNtPqjHf9dw

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0552
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1

43 B
769 B

78ms
78ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXqpkv4RNbNXLkewOaclaPOFeUc7fbMCySVGOn2eeJkSEMdGpEr3xKmzsKbZuO2Qbmv8a_HDpCpsXeahLIFNtPqjHf9dw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gXoOerYHKf%2Bi0rgAc9tLaISATgDItEQk5%2FtMwlTL3ea3u%2BOe7kd5dVA1qp4xgtL4g3eCQWEOive1scEYCPMJ2H7l8hLNGmSfhxXIigKuQM7Wb6JwhZfczyKdj2POOE%2BsYVufbsYPEpQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bedf99d982355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0552
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV0dLY-vVZAtHMOMJZdEkQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1

43 B
732 B

62ms
62ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXqpkv4RNbNXLkewOaclaPOFeUc7fbMCySVGOn2eeJkSEMdGpEr3xKmzsKbZuO2Qbmv8a_HDpCpsXeahLIFNtPqjHf9dw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agrjugItlt%2FBqXuMRFLpcLmQiemz6x40DCq0VABZ4Z2m5A69EsOZy%2BI%2BKwClOuByCxMvyNj807b80BIQluxx7iDGv7ftLHKrc5dlb1UhHgX05Hk4SJMTd92AIfbej9lLrlK1qEeFms4UjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bedfa8f352355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKkIqJlwDIhNqnKQcLFKv4Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.11.4/ 524 KB
145 KB 405ms
26ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.11.4/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230062-FRA
date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 16:37:54 GMT
etag: "dca7de69f28da40d65353c2e9323442b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 148475
x-cache-hits: 3

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975B 0
56 B 77ms
75ms Ping
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5133354746339&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975B 0
56 B 73ms
72ms Ping
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5133354746339&version=m202311060101&ct=76&x=1&cor=2788183184196237300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 975B 91 KB
38 KB 86ms
85ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-HP0vK7DIK9xw0hkswAPW6svYA46XQLqLjWfwD3GSZM5vRQmxmoYcwuG3YFC7KQ3CAxCumSdQRc3Fc4Mf2wsNPv62nASH5yTUlDei_ACm3wF5dGNkpHuRoYysZog0KL-2SEuldyTWLUSmwTb--jjj391D0WJjnwAGWG3EjL1_gqtfTmw&dbm_d=AKAmf-AZjUolM55xNTYhZHm46ujb9yZpNWrXeL4rFhKxXD3AFXME_2HVhk2g9gls3cp6gRPJjjE_PfixPfPujO2mLra0c3TIuzLYYU5CBdqDVC8frbyfYV4VBh96YuI1Un_7Tg6YTW_QUD3e6Kr_slF52cCAdGybhQp9TVKUoNaFSCfvX0JhOTE60kMrrs2FI11qHuVRGoZFl1sCCGkqyHasNtJS5F-pQj8sbe52z6VKj723quNcYzbIa8HlY4zOPESYX49ICTxBbkvyKkr8jUQOWocJUOljeQPQwuU3oeoDh-53ngY7B27GuZsoyGvW70f-YwK_WA_oWbN5JZUwvKBH1E8XFQz9C8YktBlZkh1WIkxQHIbOTItKVbcuskZJZf3qsDKOevVa1Wv54MFVIJIlcjK_9j4timD43vmdFZ-JyaXyo6o-eI4BoYsV1xAfwEEGnxoAWyZEBedOlfKrZQYTymRzhGiTh9XDyR9NO3gYuaSuGwP_2SBiwpBx7dOslfytbWAzhPiMK5I-xvwkKgcWwiTsAAjXXhb4MCU0XJ64fNhbfP3lPMc4Cdq-HXQvTGi94a-RwgUEuJpHGcsP2RfLWH4rkD57aMtUcJ73aL6eURICia9gmSEo1seZg0pB9YuDxCDbWhz8GrqmTO3-eTdppQHsWGRwbnnwmkJxLGn9PrIzTXzpZnJtrN8tpi8IJ-L8lMvN8hdRCe3Tile9pC38kWhNX_ZlqjY6x-Vwj1PXF5Ah_r43GdYF1ohMlgt9gHd6CSPZzkJh3Z286rvwMmgK6fniXFyGk2oPwu1jo8pDnQR-ZLZ17ezMqDUxaDv-Z53Aga02udLZTN2SF4M2VzpxHrHVvsx3lGQaehq8se2WxY_o8jDIf01xNUoi6XXfxy97hLiLK9wTnblC_zGdDga7re6SRJZePXhwPZZJ7JGkRbMRBZcboUZU_n8vAWdfYqA-jHMm1nbnAaYvxGrQgzs-lfcVscTiVVBDGYgHb3xzvLZFRbry7tBDzYoJ76-d3g8xSTXRPpRc4B21n50pT-xD5pdEdq41EbP_x0Z35bAM_6LmeAhI93_2Yt1VR2ZWEQnmAycPj2Lm-w_MX0nQTpUAgJGdy8u2j98COx7LBjjfxkV9TdggsTT_OfF8NndS8DYbx4b6PEDVuudh5RSgZrY8NbGP9DY7MQnaAqZ4DhckmNKhN3_k28y6o67Mmzm_OuIwVaRvrXPSaNAY7kBxA1M9YMwaVyxMe56Zvc4LF-dTBwQtAuM4oFOzgYpTy23rirMcZK3eOgI9bqXKUKmnFP4OIgb-LxlUPdhKY7DNq_Pg3zpSNWpFqkvjshnBLZwgEWz9J7mddQudOzPOZTVBKg034c6Y_d1kynB6f4DVFWPZ4lCKMF3RNZJ7OZFU3SFo8797Das50waVwQclehBj8PQy2PwCVH3X5UQIkkPLmVEKFKoYOVlHUM1-J7N8ILrI7AbNKDb4iFElmIkwRKA6iZK2Ue17WlZ98dBOKxjl_IgISaosPeoe6a0LrXbvND4jP7-_4tejIWdLMGVVH27_PsT3tLhMK-KuxuPkUM2ShevUcQkBEzIJwrgB-yG1hKT6to0VLrTYZZXFA7gbkezzPj8X3bPvpxXXo_hyLtqYEDTh3HY6Q_B2nX8MN24cHSgQsMysjXcNlz9U6iplOs7jMzqtnsAoHGSniF716soyhtDRq8R-npEM_GNRuxdfQRXIaq_b3q-Ek80uuQs3mEva3lhCRG9O_FvZ3gudHDcEk4lYaUOZLA4UfnPW8HTbTdCAI1Czy82tyFLvZSIdnKFx-YKKGk3ignvrIhiv9UKaoIDy8ppPzXu5m0YDr_Z6BS51F7lyqZPJqAOrDjZw3bDyBRw8YJVU4weG9yasSN1JnC5qY9537Tl5sZdnlsfUltilQyi5JPKJd8BI2PTsDMu4MFTDij1HO22I_MirlY_KlYcx_wH1BT2NCwzeWTa-R-RmaaQiqXuppfQfeyGy63z3bWvPT9ik9jMkfXHq7IAOOlRNeoMmBsdh9A4YRJcWAi1pE-k0B0UlYhqgaQ0I0PWL7xAhCqzNVGuU9uWhrSlyZ4gzJNvE-kKeSG1vQ_rGMbd47OJoa1-FGMI6hdzsvwfd2I1f1Jxtk1v5cHtTD5K6GniMQX1ZIntkjgKZMeyywX1_bpx3gQFzmV0fv7NYJe1-VwOWGRUapVyeQfS54UOrhNF-_4RPH-XYJDVt_74bjZovzd-mfzHgQ2ITu7Mk5LpnMJIyyiPaFNa5vtJrcqV9phTLz4C9PQIZQsWa7wh-7vbkIoSs2v3_cQiB4zd5TaOrc4rqHGpv_XhrVYAtypMZtTcUCHy32HDDzHfaYwWNvMYX01--kUTixgkaBk16T2sTDVGPhOH4ENMdsSopOTcDVefvLVP2bqLXAIDZQkDxyS8Jx40Sao3Svo71Wo2PSCs9pANNEiZ2ghF7ktMMj5YQTAni2ToyfBMPzYBkmPefs226k4gytPXDxPSy7qmVBo2Bw9bqtgpjFe7jGWggwUiDNICRNNmDHZBj3shiaLTNkpIc0FkVZF3BNpXSDyE6-bJIBLYkr0TZ5-kFBXC9YFLWUTi-yKwjq7y-i_hUBkO9bjbvEmNXpOk9PM8tj5ITmz2fcHkdG-jxkyM-LLyo-G0jhgbjA0sR28Ou6JEM4kafms2SzIz_EBh0M2RoYBkpoZPEVzjDsLKJP-8Ftlr5f7clbnFLw_eLn7X2SJAqP1NfN4VZRxT0z2v1vVcES43KsDZ_u0M_-j8kTxSlLE-jZ9mycBlZ4gNTGtW65wKAJDsoZHiQ-7d54v8dHCVBXXxwtF7P5p1LVWL6nbDXdkSQ8FnhICeYfJNl7km_a58hG0sneCNz97sL9XUvtoCyueDYxeY5bc-mymGIVeCft0z0cDrfyXLm_14XYkdGjgF5W5YD_6ksBPulax_hLP5oRcPh2_3MskfM9_OCgHlle3x9PmrlvEko09iyysCS2ANi4XstWRrocyrNVnpKtzzCYENRF0CEr1t-ik55xzzaeQl2y2Nhidc48dC5G0-txDicqnB2_uoJT3KImsvP5-SgR1K3xyeWu1c0gM8JdVpmLjHi93HKC556n5jSpuX0MCqYDe8JD8e-drM9EhYD4FanV8zFqPgZ8iVfEKF2oJ_ekJKUaR4QOczjI4A80G_bJFP_fxOaHpEmo3MwXCPyzYYG19OOaxsX8j-AcmucG09C0APbTvhIkqADH-umkYnfLsKns2PCdCFCpGers3dmVIrBDEiRRgjFBX4Cj2_-4o-dQsxKhTsAzeN52w9jnYjaIbucs51RyiVdDaun_QBmvmB-HG2kj9ajvoXLF_1tgDplvvqWKomsvxaMEyJ3ObelBPA4tzset5HC7U4RG7yTFuISgAVSoFzLmd4AU3vXnY-3pionUN8AggivAl28Ic9hi08YZx9j0Jr0RUEoFFfWGEqaLpTzNwFhW1hu1Zm-2LtiUsLSQgyspDa4CCLi8MP2sUEbDUDfNK11rovPYG9yv4Ij0oPPJoSy8j0rwcpg17OR3lqFeGZaJ39ah4bTevWumyq74jSAqXVlQxlEXXGAJurUlkXnnMMOGKTVmOyIYdCuDw_tDQiq9s7rF7zeSlJbiVT52w42dv77PrIX25WfgwMSN9Zt16vT-INlMtFAevhMMoYVpuJ0hj-ohKg8Z0l_Rhu_-r6KO7IqSHw9jaD341T1jWZ5fG54tfn73YkJBmeNDqIpOMTXgNf71TSCGGSgvpdYKhvYlp0eOiooFJVY0QPQujsrI-QsXJ4SHBGBHfmLKu6B39RRSytWUcU294Pq_9t_lTSRfcPW4jKENOq-oaU08oRiTGlkA192nAWn-t8v9ot4pwAKug5BoFuJa_rFaF2ZVbmgRedD4-sww3vK1DFb2buAvn8Wh546Nj3WrZyr3A&cid=CAQSPADICaaNVL1XtLPeSElKNfY2b0TvgLE6fjXtevxX5NSZYsLFI3u6ek9NTrKs9BUlMRHdkHAstH-caDIrRhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=2788183184196237300&adk=3676778483&idt=129&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e1524e278b34cbe1d6639febb10fb5225365a69f903531dc841ee4e7c7061d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700601131&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700601131106&bpp=176&bdt=1626&idt=762&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Ddbe80ace03408ee9%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_MZwfXD3yv8XWWQkwcZcs-csLei2Vg&gpic=UID%3D00000cd6b12c2485%3AT%3D1700601129%3ART%3D1700601129%3AS%3DALNI_Mbeh8475oiYTG3tTBysYWJh5KQ4dw&correlator=1806266950790&frm=23&ife=1&pv=2&ga_vid=1789578989.1700601129&ga_sid=1700601132&ga_hid=2087623369&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2444&biw=1600&bih=1200&isw=336&ish=280&ifk=681266864&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31078301%2C31079757%2C44807764%2C44808148%2C44808284%2C44809056%2C31079653&oid=2&pvsid=3671286886322135&tmod=1808380577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3ipqycniws4s&btvi=1&fsb=1&dtd=775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38716
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B612 42 B
108 B 73ms
73ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7xhsv5OrIWwWMKS8E_tKoqc42TaVw5Kndg-eHbnGUFY9OuU1nOT3nVpqM5gFDcnqBaYwnRT-Wg9s6YB_qE0hn8C2HVp_VbtgmsfzySu-K6-ONHZkRxnaPX_gke-45Zzp6sXlEtuOggcg2NB-8zFJ6GF8cIH2M0fiPlUfmnrLVzAjlnlNhow5xoe-oNi3UMNqKst-tVXvd_-VFLLpL_u-E5pvybH5NM_oUItyK6z4a1ItRBHls087KUoNW4a8UJ2HnM717uv1qnAY_8Soxq3cXp_EPFUul10euIIPTPZeAbgMeKj4LeX9rhSP1LhDpB9PU6yJiVFgraGk4oE9BWc1SyAs7opPQYJMbmdRdo45uQ2x09vqH667ByvtAPQSpe-kGFsWhzwjwCov-tb-1SK-o1KJIzV8QdP1E1R03Kdiw9Tcde4m44vddIbA-u0z0JrV6fxiRvi7uXDtzPiMs7uAj0Fpwg4wriVhm9aeRRVl0WEzzQfLjp4lR6LgPaYKIxumJCmz7CWExs4dXMlqMSrWvpFBaZA8P_NvBiiw3uom7FuhK03EoPiQyo1Hd3CgVE5VS3_zjWjlDcLaHW-k_wKlhgNNdu-Dye9vyHIuaHMlumgsePorbZPDV3t035UE9T3EIQJB4HeOdH43aZSGbq2j0z6iD-RdR7hX8W5i8VYYHEx9nZPI_jky9ZOrLC1lxzwf2vlnBXcRnttKoru62-PzqGpqK1DGdhDl7aluA9NQCSMjk_GqZB4RsSIlK17PNWXXbRk6DKIX3W1fignv2xHyBz9_v4BLKjp1aBT9RxiYBQiAZ-q0qz6p2MVtWrn2SgK7frdJN2STsDeG6rRQQj93j8HqZMeAtGe6_JCikFz-tjC2Gg8XFpIEUALmYjh6jPLaK4aFSv4g23zsC82tDKagD9xk9_F1HPe9_rhBiQrgwb4ei29G4icPEB6n4ia39qLGfeiUJ7q6nk8TMW4DxHXH-TVWsyZ9sKxh8X-qbYObJ88w4_2jOtkqYQUepjQo7oDFIdqqqEOy9xGChKO84kAienIA1QGHG_zjTXS278WFOJvxwIUE871puqDJA0ZendHs5f9dxBeNfYbZMErj54Q4VUVhEbV0AT3CgEtMmSbWdYVidVy2bonXEkbiInbDkri-PRu-2C68wFUdvKaBrCB6EpDG_zQOwnqlv-Hh41kvltezF6rvpQ1dY7URu8rthh0kNZaoUmyebb3uJYutGc6cw1HRaE5WtB3clOJzNmHkI1PKQebx5jzbXrbceLDPSuQNW3YoY0zZu4DkLMdHiopqBM3H8rIyDNRSUFmZvZ3LKdh5dUdD9tk84ZxEQw3d5gnOuq3AcrqRp51GjcWy_Pil3VmBmpzabJosDdU0EqMmD2TV5fdftFcmcKLlNMXChmezpQ952SIgJelMGcbTZfGr9XS8zoEBtTjEjPJ4cg74Kd45CAOZNpRcNEP-sHhW9iL88UsHkjBzibXML_XA362q88zk4E6_a1zyQ08g_Xtfnpc8LOU7AwzgbUqqe6xdmgt9kUYq3Mp4VgaXzpLmXuZuzIdF0qqbOs1i_8x0tG4nqN3sXiv5ensMrbgmnoTG-v2vQRbDzK9tngi-FppirUk3FLUmqZp5XmW3YmUB-j1zdtJXXQJ6EgLVOHvS9LZLy56f-jMZi42L84bakXufI6Epy4le3bX3i&sai=AMfl-YQZCcXXiwNz0Gmr8lLaETFNDS9CVHwkCGxapZ0wTUrdOPdZ0C4H8xyELW51Bd0PeGkJlVhSoehPyIdbfvHA7PcrAi-yNZKlC461PF_Pb1CgxMEh8wqpRfPT2P-j9sex5QH95i7x759qwQ&sig=Cg0ArKJSzINE_j-jfr2NEAE&cid=CAQSPADICaaNMjQXAA0GKAzHb1SrROxfaBBat0IKswtCdhP7k_s1PDaZtOzilY1qBmnmjZElrp1LNMb2ZOyEixgB&id=ampim&o=236,60&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=333&tls=1333&g=100&h=100&tt=1333&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 429ms
52ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:12:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 975B 111 KB
39 KB 433ms
43ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:40:28 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 975B 11 KB
4 KB 26ms
26ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-HP0vK7DIK9xw0hkswAPW6svYA46XQLqLjWfwD3GSZM5vRQmxmoYcwuG3YFC7KQ3CAxCumSdQRc3Fc4Mf2wsNPv62nASH5yTUlDei_ACm3wF5dGNkpHuRoYysZog0KL-2SEuldyTWLUSmwTb--jjj391D0WJjnwAGWG3EjL1_gqtfTmw&dbm_d=AKAmf-AZjUolM55xNTYhZHm46ujb9yZpNWrXeL4rFhKxXD3AFXME_2HVhk2g9gls3cp6gRPJjjE_PfixPfPujO2mLra0c3TIuzLYYU5CBdqDVC8frbyfYV4VBh96YuI1Un_7Tg6YTW_QUD3e6Kr_slF52cCAdGybhQp9TVKUoNaFSCfvX0JhOTE60kMrrs2FI11qHuVRGoZFl1sCCGkqyHasNtJS5F-pQj8sbe52z6VKj723quNcYzbIa8HlY4zOPESYX49ICTxBbkvyKkr8jUQOWocJUOljeQPQwuU3oeoDh-53ngY7B27GuZsoyGvW70f-YwK_WA_oWbN5JZUwvKBH1E8XFQz9C8YktBlZkh1WIkxQHIbOTItKVbcuskZJZf3qsDKOevVa1Wv54MFVIJIlcjK_9j4timD43vmdFZ-JyaXyo6o-eI4BoYsV1xAfwEEGnxoAWyZEBedOlfKrZQYTymRzhGiTh9XDyR9NO3gYuaSuGwP_2SBiwpBx7dOslfytbWAzhPiMK5I-xvwkKgcWwiTsAAjXXhb4MCU0XJ64fNhbfP3lPMc4Cdq-HXQvTGi94a-RwgUEuJpHGcsP2RfLWH4rkD57aMtUcJ73aL6eURICia9gmSEo1seZg0pB9YuDxCDbWhz8GrqmTO3-eTdppQHsWGRwbnnwmkJxLGn9PrIzTXzpZnJtrN8tpi8IJ-L8lMvN8hdRCe3Tile9pC38kWhNX_ZlqjY6x-Vwj1PXF5Ah_r43GdYF1ohMlgt9gHd6CSPZzkJh3Z286rvwMmgK6fniXFyGk2oPwu1jo8pDnQR-ZLZ17ezMqDUxaDv-Z53Aga02udLZTN2SF4M2VzpxHrHVvsx3lGQaehq8se2WxY_o8jDIf01xNUoi6XXfxy97hLiLK9wTnblC_zGdDga7re6SRJZePXhwPZZJ7JGkRbMRBZcboUZU_n8vAWdfYqA-jHMm1nbnAaYvxGrQgzs-lfcVscTiVVBDGYgHb3xzvLZFRbry7tBDzYoJ76-d3g8xSTXRPpRc4B21n50pT-xD5pdEdq41EbP_x0Z35bAM_6LmeAhI93_2Yt1VR2ZWEQnmAycPj2Lm-w_MX0nQTpUAgJGdy8u2j98COx7LBjjfxkV9TdggsTT_OfF8NndS8DYbx4b6PEDVuudh5RSgZrY8NbGP9DY7MQnaAqZ4DhckmNKhN3_k28y6o67Mmzm_OuIwVaRvrXPSaNAY7kBxA1M9YMwaVyxMe56Zvc4LF-dTBwQtAuM4oFOzgYpTy23rirMcZK3eOgI9bqXKUKmnFP4OIgb-LxlUPdhKY7DNq_Pg3zpSNWpFqkvjshnBLZwgEWz9J7mddQudOzPOZTVBKg034c6Y_d1kynB6f4DVFWPZ4lCKMF3RNZJ7OZFU3SFo8797Das50waVwQclehBj8PQy2PwCVH3X5UQIkkPLmVEKFKoYOVlHUM1-J7N8ILrI7AbNKDb4iFElmIkwRKA6iZK2Ue17WlZ98dBOKxjl_IgISaosPeoe6a0LrXbvND4jP7-_4tejIWdLMGVVH27_PsT3tLhMK-KuxuPkUM2ShevUcQkBEzIJwrgB-yG1hKT6to0VLrTYZZXFA7gbkezzPj8X3bPvpxXXo_hyLtqYEDTh3HY6Q_B2nX8MN24cHSgQsMysjXcNlz9U6iplOs7jMzqtnsAoHGSniF716soyhtDRq8R-npEM_GNRuxdfQRXIaq_b3q-Ek80uuQs3mEva3lhCRG9O_FvZ3gudHDcEk4lYaUOZLA4UfnPW8HTbTdCAI1Czy82tyFLvZSIdnKFx-YKKGk3ignvrIhiv9UKaoIDy8ppPzXu5m0YDr_Z6BS51F7lyqZPJqAOrDjZw3bDyBRw8YJVU4weG9yasSN1JnC5qY9537Tl5sZdnlsfUltilQyi5JPKJd8BI2PTsDMu4MFTDij1HO22I_MirlY_KlYcx_wH1BT2NCwzeWTa-R-RmaaQiqXuppfQfeyGy63z3bWvPT9ik9jMkfXHq7IAOOlRNeoMmBsdh9A4YRJcWAi1pE-k0B0UlYhqgaQ0I0PWL7xAhCqzNVGuU9uWhrSlyZ4gzJNvE-kKeSG1vQ_rGMbd47OJoa1-FGMI6hdzsvwfd2I1f1Jxtk1v5cHtTD5K6GniMQX1ZIntkjgKZMeyywX1_bpx3gQFzmV0fv7NYJe1-VwOWGRUapVyeQfS54UOrhNF-_4RPH-XYJDVt_74bjZovzd-mfzHgQ2ITu7Mk5LpnMJIyyiPaFNa5vtJrcqV9phTLz4C9PQIZQsWa7wh-7vbkIoSs2v3_cQiB4zd5TaOrc4rqHGpv_XhrVYAtypMZtTcUCHy32HDDzHfaYwWNvMYX01--kUTixgkaBk16T2sTDVGPhOH4ENMdsSopOTcDVefvLVP2bqLXAIDZQkDxyS8Jx40Sao3Svo71Wo2PSCs9pANNEiZ2ghF7ktMMj5YQTAni2ToyfBMPzYBkmPefs226k4gytPXDxPSy7qmVBo2Bw9bqtgpjFe7jGWggwUiDNICRNNmDHZBj3shiaLTNkpIc0FkVZF3BNpXSDyE6-bJIBLYkr0TZ5-kFBXC9YFLWUTi-yKwjq7y-i_hUBkO9bjbvEmNXpOk9PM8tj5ITmz2fcHkdG-jxkyM-LLyo-G0jhgbjA0sR28Ou6JEM4kafms2SzIz_EBh0M2RoYBkpoZPEVzjDsLKJP-8Ftlr5f7clbnFLw_eLn7X2SJAqP1NfN4VZRxT0z2v1vVcES43KsDZ_u0M_-j8kTxSlLE-jZ9mycBlZ4gNTGtW65wKAJDsoZHiQ-7d54v8dHCVBXXxwtF7P5p1LVWL6nbDXdkSQ8FnhICeYfJNl7km_a58hG0sneCNz97sL9XUvtoCyueDYxeY5bc-mymGIVeCft0z0cDrfyXLm_14XYkdGjgF5W5YD_6ksBPulax_hLP5oRcPh2_3MskfM9_OCgHlle3x9PmrlvEko09iyysCS2ANi4XstWRrocyrNVnpKtzzCYENRF0CEr1t-ik55xzzaeQl2y2Nhidc48dC5G0-txDicqnB2_uoJT3KImsvP5-SgR1K3xyeWu1c0gM8JdVpmLjHi93HKC556n5jSpuX0MCqYDe8JD8e-drM9EhYD4FanV8zFqPgZ8iVfEKF2oJ_ekJKUaR4QOczjI4A80G_bJFP_fxOaHpEmo3MwXCPyzYYG19OOaxsX8j-AcmucG09C0APbTvhIkqADH-umkYnfLsKns2PCdCFCpGers3dmVIrBDEiRRgjFBX4Cj2_-4o-dQsxKhTsAzeN52w9jnYjaIbucs51RyiVdDaun_QBmvmB-HG2kj9ajvoXLF_1tgDplvvqWKomsvxaMEyJ3ObelBPA4tzset5HC7U4RG7yTFuISgAVSoFzLmd4AU3vXnY-3pionUN8AggivAl28Ic9hi08YZx9j0Jr0RUEoFFfWGEqaLpTzNwFhW1hu1Zm-2LtiUsLSQgyspDa4CCLi8MP2sUEbDUDfNK11rovPYG9yv4Ij0oPPJoSy8j0rwcpg17OR3lqFeGZaJ39ah4bTevWumyq74jSAqXVlQxlEXXGAJurUlkXnnMMOGKTVmOyIYdCuDw_tDQiq9s7rF7zeSlJbiVT52w42dv77PrIX25WfgwMSN9Zt16vT-INlMtFAevhMMoYVpuJ0hj-ohKg8Z0l_Rhu_-r6KO7IqSHw9jaD341T1jWZ5fG54tfn73YkJBmeNDqIpOMTXgNf71TSCGGSgvpdYKhvYlp0eOiooFJVY0QPQujsrI-QsXJ4SHBGBHfmLKu6B39RRSytWUcU294Pq_9t_lTSRfcPW4jKENOq-oaU08oRiTGlkA192nAWn-t8v9ot4pwAKug5BoFuJa_rFaF2ZVbmgRedD4-sww3vK1DFb2buAvn8Wh546Nj3WrZyr3A&cid=CAQSPADICaaNVL1XtLPeSElKNfY2b0TvgLE6fjXtevxX5NSZYsLFI3u6ek9NTrKs9BUlMRHdkHAstH-caDIrRhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=2788183184196237300&adk=3676778483&idt=129&cac=0&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:35:01 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 975B 31 KB
12 KB 31ms
30ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 04:49:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 975B 41 KB
14 KB 27ms
27ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 07:58:52 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D079 1 KB
739 B 29ms
28ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 42418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 975B 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25d25b6e1363d37cfbefdf188676b9582ef3e1e3d49fc65ea13e8dc1638d0813

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 track
t2.teads.tv/ Frame 9A68 23 B
134 B 62ms
62ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.teads.tv/track?action=visible-1&vid=5976b637-ddbb-4b74-92fe-820771531737&gid=973884&studio_cid=185a10b0-df8a-11ed-a497-d5745f81ca65&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700601132140&cid=1027191&pid=169092&p=vxWLJI5cK2lAS0DMkrlDnm-AjJTm16sSqWBZjwr-OXo9rwE05ZlyqxMMhnocXRgucGCLl9kjWR8WdAtDzfYWXPMxeRpBD7Nui9LZ8ghORiO2XcMA0WV4qejeS3K1xLcxhqB9jE9VeMDUS-7UvJPwsP3qqaOzoJxkwT5bX8Wy4boMrs4Yed8FaDLrbM__Xum-UZDoS8rHwttG4wR_SrhKwH03bDDpQL31JrDBzu-TcsbP1v1NDnTxUo06sILH_vQZcAHHrBw3OrXEBdEll7Rikcj27V1UjkHtMkDFc1MampNZrmrRdFnzwXhrIF3xKX8ptrIMhf37AxaxL9iXU98ujhTA0t4M5ATvD5gOIOFxMdoBnQ&cs=364051406771148988305&slot=native&fv=1290&ts=1700601133209&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 88C9 38 KB
13 KB 32ms
31ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 47601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:58:52 GMT
expires: Wed, 20 Nov 2024 07:58:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame D079 35 B
362 B 40ms
38ms Image
image/gif 91.228.74.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKMw4xVG1EIhKVIz1GYijW0&google_cver=1&google_push=AXcoOmQjtpfL8acItsOLVc4VXz4oI_8oC7NhS_biygkLgYcoHznaDZk_eZprwKzYLekguUWX3QMbdaTQYPS1h2H4z0XNC7nLrdA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.206 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D079
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
41ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRvadfP7wu2r00rIbv_pO3DNpGoJose4j9sfckcJaSL1OhoD5eVXJ-bdMmm238klWZUdV5OL_TNDbHQo3sw7vX4AqN71U4

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRvadfP7wu2r00rIbv_pO3DNpGoJose4j9sfckcJaSL1OhoD5eVXJ-bdMmm238klWZUdV5OL_TNDbHQo3sw7vX4AqN71U4
date: Tue, 21 Nov 2023 21:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D079
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&google_nid=index&google_push=AXcoOmS3lblMpKn9z_UCA1UoCMCo08FnormEV...

170 B
188 B

46ms
45ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&google_nid=index&google_push=AXcoOmS3lblMpKn9z_UCA1UoCMCo08FnormEVeock4nxJNhYtkso6FLz4INa2W4puZt4iVqrJLNu3xyX_X5IyrO08-o69aLYsw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq%2FqQh3pG5n9%2Bh9KPGtPpnBgGeiZR6USWc0ENdy2%2F9TOPlCXfCvLPSAQUuyPEvmcS7pDX2zi5CtOSsojtoJpWGgj8o8js0La72ujvxF%2Bq9wzs5UAn7K4cLg8EoxwYjTDLmklx5aguacm9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&google_nid=index&google_push=AXcoOmS3lblMpKn9z_UCA1UoCMCo08FnormEVeock4nxJNhYtkso6FLz4INa2W4puZt4iVqrJLNu3xyX_X5IyrO08-o69aLYsw
cache-control: no-cache
cf-ray: 829bedfad9e301f0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D079
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEALLgF5H7CWwN8Dwwo0SLzc&google_cver=1&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g&google_hm=M0ZySE9TU1hYblNPcFNxQ...

170 B
188 B

38ms
38ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g&google_hm=M0ZySE9TU1hYblNPcFNxQzh4WEI=

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQT4CvBiJ2vC-R1TbIVUr4uX-S35RR31V24zMACfJnd1zxqmHSdSO-Xb0moGDmmUIAEg1fF6MkJ6vAij4r12oWBr94JG4g&google_hm=M0ZySE9TU1hYblNPcFNxQzh4WEI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D079
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED9HVBaM01Kh45WrvRY-Odo&google_cver=1&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA&...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NjIyOTU1MTk4Mjg0MDUzMTIyNw%3D%3D&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4...

170 B
188 B

37ms
36ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NjIyOTU1MTk4Mjg0MDUzMTIyNw%3D%3D&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY3NjIyOTU1MTk4Mjg0MDUzMTIyNw%3D%3D&google_push=AXcoOmTAdEVn-BquWzWlEfm7uwKpZX-CJgBt65kbG5_WsUrl9BG3o5Q4QuQLQrdbwyg3TloqYCXXViz6OhsJq9FGpimdkqrmHA
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D079
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJkrQXnVojkaYD_PZpS4UKw&google_cver=1&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUW...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUWK3EdkooROLUOGk8s1xgcU&google_hm=NjgyNjMzNTk...

170 B
188 B

44ms
44ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUWK3EdkooROLUOGk8s1xgcU&google_hm=NjgyNjMzNTkwMzEyNDMyMjUzNw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRXCA-2mtSxBtMOXqJNo_qwJKsMP5iddkS0QwZXEwNhohMj3y3zNcBU4y-T11wCrKk9fMlwUWK3EdkooROLUOGk8s1xgcU&google_hm=NjgyNjMzNTkwMzEyNDMyMjUzNw%3D%3D
date: Tue, 21 Nov 2023 21:12:12 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D079
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1&google_push=AXcoOmRY4EVXyOBQUwXvNbn83nvjwofTzqxitVCb2LYBKTBEcrb1tPzG6D7aEBiGohC-v5mCwkLMwSUrmaO...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY4EVXyOBQUwXvNbn83nvjwofTzqxitVCb2LYBKTBEcrb1tPzG6D7aEBiGohC-v5mCwkLMwSUrmaOLViiOILbxXMKrlIVW
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

36ms
36ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D079 0
12 B 45ms
44ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfR6HypqFsdR9UJ3OcROM64fpi1HDkiDP4OoQylM7Ff7QhaSY3a6eyG1FrbUB5qBgEWcSOWw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 88C9 39 KB
15 KB 38ms
36ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
757 B 62ms
62ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700601133397&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1574&pt=836618141&tz=60&viewable=true&ddast=V8bsgCLAYQkhkLyAg8jRAgJDMWkBF4GikAAABgYID-AEkunIvBaORai0wzx1q0WfnWCovDtRZuJhvfcOTcWCwLIyDJhXMxGI1ca5Fp5liLNivfWmFxuNbCzWTjG46cG4tlYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZkaDodPte9Xvf73SU-z1zj9yv8msFg5Pq71X635GV3i1x2n1vieoscfrfa7xa53HKHW_m6u6VOh93nlrveEqfD79Y4nG7p0WX3uWWut_Rh97mFroddaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4F4vC8zP4AAAAAAAIAAACABAAC-mEJgBjjvRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAxxCs2bum0lMFESIFk0UYAQAAAJB1dyU-MkknqFhU-f__77cCcAUAIGBxPvdcM4vuoMRbGAAAAIExC_Sw-P1mh13jd7vM_________7-Z_zP_aIR8jlzTAMmHI6n5BQQAWPMLCADARt0UzL0ZgBN0CFoxGKxOQMwOAAAAwJ3___9_PSDhmZmWw9HIM1kOByOPcebaeDyWhWnkmi03zpFpexjGtRbFRFws-2wIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGMbeHYTEautWSwnLhFw5VnLVxYTGuRYTcYzSyO4WyxcoteH9PHNVtYFsYtEgxQ24vkaZFOVLbJaGVa7mauzcTjGy1GzonFMliMFp7FYGXbzCxiieZkkU5kl33DMzMth6ORZ7IcDkYe48y18XgsC9PINVtunCPTvmNbODaTkWstGSwnbtFw5VkLFxbTWmTYDUYzi2M4W6zcotfH9HHNFpaFcd_YDQazwWIxGe4bu8FgNlgsJsN9h87wXX3ORmVZJfmYlD9rNdm3OQ0Kl8HifalP52HBWNCePEenzjRUdnZGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYYFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4dcMBiPX3632uyUvu1vksvvcEtdb5PC71X63yOWWO9zK190tdTrsPrfc9ZY4HX63xuF0S48uu88tc72lD7vPLXQ97ELT22wRSwSni3QiehlPF_UfPcRuOJdshnPFbjRXLGerBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914ExBOxf3___-PAwAAICOHHgAAAP0-oCwAAAAAAAB-BTGZzBb7B6BCrNVqdbuxVqsVsCAGu9FwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vA!rbcatc_vA!t45!tmaxc_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56998cfbb7476f22a8da3a273fe72a17911744dcc34cecea968c92a0b0d0c354

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1479
x-cache: MISS
x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
server: nginx
x-timer: S1700601133.407384,VS0,VE33
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E382 6 KB
3 KB 54ms
54ms Script
application/javascript 2.22.242.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.169 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Tue, 21 Nov 2023 21:12:13 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=5855
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434
expires: Tue, 21 Nov 2023 22:49:48 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88C9 0
59 B 68ms
67ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfR0aLR1dZeCYBIGk-gb1yoewAgAAAAA4AeAEAg&bg=!CQqlCkXNAAZxrfrxUa07ADQBe5WfONciMihdvN8zlr4FBkar_QMj7PTnqvCkQYi5OfeUFmi4CuWBU0_zOHR5Qhni7_zIAgAAAEdSAAAAB2gBBwoAVo3h4Vw42RbSa1YbvDiYHsWuqr0HvXGJE9xRpl1xuK5rd-4kSKHYvXmZWrMnhZwwpIVoCix4KXNDLUI8OmgyD4KiFm3cfsVrffRQMQgRKkgGZGWHSDbbmQL4hIFDAYUdRuP_3DOKdb2jC_z4xi4y7OE6UjzP6cDixO-4iXvPxcPnOdx75cVFrkbFwDuB4hSRanI45zTRD9ctuExPUGDhV7Xmi6sflU7YJ-BhgACsPthHYsVh-xR_YB7iKO973t9v88jL30Dm_huyQU43NnpJ90QGvFSTfxZrDsSe5uCBGddnA9NyNHRInBiSOYv2qCBIfDqu9d2wJ9VXMGOiOsGRM5Laqih_6Ewg6BYz8RNlmro1rUAGfHMMjI9XnCobqMpdDYKm2uMIigvOrPJ8CPqxazE7v5osuJDgK-LTmHWx7BAEOdZ-cHq0JFwqUytWTrDNS3tgxtFvPEkAprRJyty_8abvKvTFiR5bMon6V6yp-lnUyGXkBCJ0Uf6V213NETee4q76eOAjQlDvxr5Gzod29t8BRAEH7xcjikTv_qj0FbZoNs0BrwzQagqYuEDhBs3AQf5liZpsjB2lr-3Hvrf4q1ilJ5pUcK_q1eSsDVQy8DDyyllm9tjEp3PT8pN8avBYBXaGwuMx4r5pbU-fY-j-mGh6NizLnAXNX9OR7COlh_t5B29wNdoYY9T8UgSLcdX5JTb2-dhqiqixu-RzaxuQ9ioOjbXNV4w94SWRDgroybXiKuvpIiquXOerNNKXCU8tlMXpNKgUvgEXUQJEqJg2uUz0ClSMwwsAlv1Zz6JX0R6ikgadJfq-Gbm2O4mH9bOvY9ZZYc1t3LcV-XIDT6YQLWzhf3RCsP8rSaJPEojjYEbhL6aXwWWuzIyFAHyeWrKzHqkfmD86RrUxorXrcRMvxdgHASRQla7qZU36bx-ALI9AJacUbBMhHlpaVPDOSFuVCgmM0yvPgXIumlsSuc8f7tZTH2PgTOF6LUfFiU1Nrtt6ikDkfno41d4ZgZseY3uXjC9eVx7njurS20ttUk8pXrnJ-18Q62Me6e8prcYvW9ygRjhbDNSpTl2AkrPi48a7HZ69RbIMQR0zO3dGrKBHMc3JwW0hYGNIM0-FIhPVaQGaig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 33ms
31ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-164
cdn-cachedat: 10/31/2023 18:59:58
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: e85fb1f68c2370fe7d1d96e5b28b3d4f
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 37ms
35ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-676
cdn-cachedat: 11/15/2023 02:37:50
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 8431341724ef6fedca9f522d6cac6f28
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 35ms
34ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-588
cdn-cachedat: 10/31/2023 18:50:43
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 083f38680bde702c3434e17f0d0993ce
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 37ms
36ms Script
application/javascript 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-168
cdn-cachedat: 10/31/2023 18:50:51
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: abc5815ae78a71a68e5b95ec6aeadffa
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 4be13f7a-cf3a-4c95-bb65-01f5b2229e02
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/4be13f7a-cf3a-4c95-bb65-01f5b2229e02
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame E382 10 B
180 B 712ms
293ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HFSVKYD62CXW2RK7CZFJY0GG
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 21 Nov 2023 21:12:14 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 51ms
48ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a99e7e05f71ec616f7531edfe4ec28d44b0c7cc4896eb18df2688794affb16c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 54ms
52ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

Google Tag Manager /

Resource Hash

a9b42f8cc205cc62b67623fd6941d77fb888188e52203d026550c196b59461f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
BLOB 206
Partial Content 020a72f8-5a30-47b5-8cee-91a513314f3c
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/020a72f8-5a30-47b5-8cee-91a513314f3c
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content ad4a7d0f-ee93-45df-a000-9902f4120b90
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/ad4a7d0f-ee93-45df-a000-9902f4120b90
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 40ms
40ms Image
image/svg+xml 138.199.36.8
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-8.bunnyinfra.net
Software: BunnyCDN-DE1-1048 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:34
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-1048
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: 947849d5e28c34dab5a296f37ff36124
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 1 KB
1 KB 442ms
30ms Image
image/svg+xml 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.unibotscdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
cdn-edgestorageid: 1047
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:25
cdn-pullzone: 483488
last-modified: Thu, 01 Dec 2022 03:57:52 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 135
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: d2b572208df04508f62101ca49c4ef12
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 737B 752 KB
241 KB 31ms
27ms Document
text/html 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 297867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 10:27:46 GMT
expires: Sun, 17 Nov 2024 10:27:46 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 950ms
45ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 21:12:14 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E765 40 KB
14 KB 35ms
34ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:55:28 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 171 B
835 B 560ms
49ms XHR
application/vnd.apple.mpegurl 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: NY-267
cdn-cachedat: 04/11/2023 16:02:55
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:44:02 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 354
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: beec8b1a6021f5aa759020c608c4b961
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 65c8b305-a015-4d6b-a4d7-7998ac3cd8bb
https://www.bg3.co/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/65c8b305-a015-4d6b-a4d7-7998ac3cd8bb
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 3ebba1c8-2903-4231-8202-5a2ae28c0dda
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/3ebba1c8-2903-4231-8202-5a2ae28c0dda
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK 32756b8f-b98f-4b0a-a31e-3cd74f61a1d8
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/32756b8f-b98f-4b0a-a31e-3cd74f61a1d8
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3b81v9134755342&_p=1700601128264&gcd=11l1l1l1l1&dma=0&cid=1789578989.1700601129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700601133&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&dt=300%E5%A4%9A%E8%90%AC%E4%BA%BA%E7%AD%89%E4%B8%8D%E5%88%B0%E8%8E%AB%E5%BE%B7%E7%B4%8D%20%E9%81%8B%E5%B0%87%E6%80%92%E9%A3%86%E8%94%A1%E6%94%BF%E5%BA%9C%E9%AB%92%E8%A9%B1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=24723
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 975B 0
0 228ms
79ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZsAbtonIb59d7EXiAxni3wmz9oEZkzQdaqup_G373vOYKqpx4jIWaZXbw71DwssG_UtgVhXm2bq8HZrXGNJCsXU1T5l22WCe4mgIOqI1bLmCV_9hh1rBx_ZaKvPgEeY8q5nU6fxLX3MoteilHLspgpT1vI5QNFEnCmb3Pr-QZaFJnSU9-lUgReNU1D6Yrqd0LZkWGlEdmK8ONyuj8sJDBd9YoVs9V-nBpYW2SwYjJSF-luTspzH87_AAeasdm10O1xvu16_Ko6KZWu76nm2QexINLdm2Ce5LLsPyUBfTLY19kinvPNwTUHDPWcbEUCf9f1IfYH-PrPwnkalIKSoNWF1QnRZO3J_jK5MAvIxIg_2oaSzT8nSNIC7uYiKViMBtEoPNybv7vpJaOKKJ5ntxEgJmSvlhT8kkS2tPmkgjSI0b9q00zAU2tuYq0jWcL_ieck9HxSUVLwzDD5IhSAUgGlhCauIhDzDUBzf6UoXIFQEDeIwYuKwBHF8ZJ9AXcTyI5nW5XdYKY5li70svPSju10LOJI7gByTtk1zfeqJcHcqxsFqwBWdvi7eHBtgm8YZFOH-bSseO9XFdtw1FeNwIww71M3qOzSHotaTzVgbpnt19_f_Kmv1P1iCHALYUZfXUGez_O0PhGcV0i8aCExCzPGaT9XoINxcPikR_xNOl8D9fkRvSAXYpoDuqpflSnxjG_7fBj9BLqZO7ITt6_Xes0-AfNOF3HAIrjj2NdCnKC-ftzmavUA_CLbBUvSPQItl3NDObiAJJnQW-WiKGIthEbs72sbCZTAoC1n9Kekpf8o_9Sl_MCR9upd5aBT615F4g674v4_FfHTKIR0CK-hV3w5Q3DwnOc1r7qNVPJZDt-ilSZNySVVeqpohrSeA4tubXsuumA4VrhgoCDbLoZQ8kIocftPwOGqit2AZvdANsplU6w0PbIOduIYyIpB6YoX4d1VALX9rtugu_WSsuecCWd1fzHpwv1OEj5BRVTBm4oW39nyrZbDjMVrpT7HHkA_r4_XOL14BLUtkg3jDhq7hgb3u40UzabsSJQk_02c4mKYlajbEBaKLoP9gUDe7Fbquvd_p50Hs4ku7ynAjebaLbDcuoHs_yPZAXmayJrHKbvywuUqd5HhWe1Kf5IFS4dvDFVFYvNn5ihcasuEU82pu5LSlnV1iDiTFbi2NNB0AT6siO_gp0xwwM542MOG7unS9P1x99TEFHeRYAJwzCC7RqMgyVe6w_yS0ABTzNUL1Pr85z_TcB-GmkgdbhuoAuvPrYWihWX6oFon7pcRBrF_Ne2parFcpaogqip8FVvHSbyQKatKMHlr3kH01dTHBM2ea2Zv-AkNIUPRq9Z17fD_GBwRVpf0yusR7Q_9DTl_JYVgoYekEvdrDqq97_uqceUYh-UMuRq58FOENefsU1E2LaoJFYHwO1SuY4x3ErGx8oaL0L6StvnFw&sai=AMfl-YS3zPxESCbzYTCDZUdjdvCsuh4ugGakzss_so3YC1WL9DoJ6--FQqA_04ltcUoWBs3H7QUAQraayGFBwPryxtxjHjtLTx_TZjqgKVtdG5zaomUbs4kG0hWsIQof26V4xMA4glNrlgiMlIMt7kcgwPn5m6_CxwTGwMwY9yTOMFsGnrMTVwpa68cwM1pKmxS-dPnvu7oLcwkJr6ESggknyJJsv2wLyxrcmbSebMIETEq-anwbaykUSg-kyO9KKowhys6Y_UO5oJORGEw_ThgP5LgG3cHhU39Ayg&sig=Cg0ArKJSzIlkCpcw5ulHEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=598&cbvp=1&cisv=r20231109.89675&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 10290845057159846043
s0.2mdn.net/simgad/ Frame 975B 11 KB
12 KB 784ms
43ms Image
image/jpeg 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10290845057159846043

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d220d31308f479706e776157adb1bd09563f379fc1ffc26584741da6fd678df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:03:00 GMT
x-content-type-options: nosniff
age: 338954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11333
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 09:15:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 23:03:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B9F 42 B
113 B 75ms
74ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufeMP_rd6EeDG7dBL0VgnnHP58XStBTr7I2IN7hpholXUgDeB6hUF34he1AwxTGKqs-hADLXHLFhs-RqiabNxXqetgpmk4DjSKcLCarBkW4YXs8rk8ynaFSJKHUukXnzOpz4xZHgR9iiFUF8za8k2vk8W2DqkA5sM1hslB9caehKw45PtUDBV3WNSIkalpQvU07p1rMxpx8-baOiBQH-s-8PG01EtI3OxEOYFwfffu94WYHtIpKXiYlIV6ODFoS48sgUsdm-oUUnl1gyGov6mHaPrjdA4kndgl1OOwDM6d02aAlR0OZfJ4P3iT-tpEiuuRnVphbizpnrXYghNdusheJVy2IxYMKRvXoWd_Xx2-6pzgnnjPhygRCrGOxdIYGUUSVl97fqZnGAnfKFqm97fqJIUgw3WKKygqjdVH-Mml3WvXUEPUYAI5VvxMS_lUvwbh4hQGgWQ-OLlNSn_5zU5Y8JE0EblWKBO99hd_Zc6E7vkvQVccksDHRa1JU_5Hprg3WlHj1j6Soy70z2Q1MU4sCLaB5N8wH9-HPf28uWXswhH6IYLwxdbIfN-0vJ7z4NQ94DMVkKWvilmkTT3G_lV_xvxcYKnXn6_Y8qBK_iIKd5vtHSXuT_MMWKmrhVGkbCGrhooWBSGnTFaqDjB7S-kUWBusZ27f_PB43BimfiA5lh1738NWUps4nUc01Zx4R9aL6liM-YLcG7z35T6QXKsioV9y_G0NrJRjPjstIDfLQgpoygcjnFbPPaYVePjI8hw_9ap9yYAH-jF5kyqIxTpRtt5WYQTNRCOnbuX_6g4epphddg-pxobqyltAX6nKNPzEvvqqpHwq_5oRLS3h4rUZwwxWKRQMVAHUTNWzoHcqCEb57OHyrlFPjQYaJsFgMGvrmw0QOBfb80YTfhWdc0trVcv8WV7azg2d1bSSENNAQoK76KHqNeOsZtwOiSP3RBso_rkfxt5D1bvohJQWQ3Mq3cEoIjlCFWzjySwn27uItnLc0vMlWl8XSQhnrV1R8AJhoRAl-7ka2-emls6FVKwNBUfleDe3KwWL4VwMmu_IbzqSrI3rEHwQ4U_c8xPNnh8R60H_gKKSwckGhR8NHubPfyaNoaFbI6jI7sEOrKvD8wICjEyW6ohIFUA9dKbFBkfAil_WrYsiQsgJawsffRtxYUzXqCYYJ5RGS3KkEf9FL4ugtE9eI5oQbnoFo8cp3Vdi88Rp1tiUc3LdCbK6XBmx-2ikB88N56uF7FgZ5hhLuYYUAq8UKy5moOkSGDxp269_imnEvv3R7fUpSCfd5kUCyjIoyp-dvNU4SAe0I96KeOGBO2wUIqCCjlslD0ReS2BGGIFIvUmLoAysAJMy4PbRdS9DIpfKRiVD1OF5zTRv_YhPY_LHIi2EmUbHyZRO9gMDaQJaAMAzFuizQrhYE7nTMMU7E1dnb8VI9v5PRTmky_-oFCT90nRCuvMgvoxvXkKpn6cRKz7TeTfi_RkMZRdE-h_f8G2djBSbXnoVzKV_kL7VKCz7429DtSkiK1zmvVTUeJOpsYs9t1vM09P9HJ7y-ramsFoNglAeXfS_9nprPag7HWwxPp2aIpvVxc4o7A8fnrflKAKZXlbPpVni3N6YIB243Cc4eg3ErGqynKjh80qQchPOrvBqPJahJDRW1h5SdVZ5b1Ef5hniiJPFv4DrTuFywujr62lfpq4&sai=AMfl-YRxqaGOm-5DTfkVvUXE1coCVVSfZ4oeHrpPQxUpweZeCZu4Ra9hYrJkTn3-JY_ggpmZilvEM4HTaxPlLDsMSG-nm5XWrqMObZ6Ir8P2imhqFKPFNxXl2pZ8EiZxtB8Gv5ibOpsDArkCUg&sig=Cg0ArKJSzMf3mHuKjk5IEAE&cid=CAQSPADICaaNMGQQIx4K9TQEDZVIOMHkjPJxtG3X53oafho1-BYT_1T0ruGZmct9PY3g6l2RgaHKNiLTPEJNuxgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1075&tls=2075&g=100&h=100&tt=2075&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 120ms
114ms Fetch
application/json 3.233.155.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 720ms
115ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 227788
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 74ms
54ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 262142
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 47ms
47ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c2538ef7413f926e1665cb1a0eaeea3a9b855f7a275ab173d48e4ad53aa029f2

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 21 Dec 2023 21:12:13 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 15E4 9 KB
4 KB 165ms
67ms Document
text/html 108.156.39.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.39.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-39-59.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 21640
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 15:11:35 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 6dcc614055ae7b26eae9b754199e9f94.cloudfront.net (CloudFront)
x-amz-cf-id: KkAOQEBtyy7rKA0WUpxBKcU96utgsLTG2EzZfoqgsdIMHaLsL8k9RA==
x-amz-cf-pop: LHR50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A2D3 281 B
555 B 27ms
26ms Document
text/html 2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 21:12:13 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame AC35 6 KB
2 KB 79ms
56ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bedff7fd1bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2BB2 52 KB
17 KB 140ms
61ms Document
text/html 23.213.168.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.168.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-168-226.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 21 Nov 2023 21:12:14 GMT
ETag: "623de86a-cf34"
Expires: Wed, 22 Nov 2023 21:12:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3B10 24 KB
8 KB 221ms
100ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

6dfc706a10913e0ed6ca3a49f053c1878a47b508ca22e7a9f97f7c4e3dc83e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8528
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 23 Nov 2023 21:12:14 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6EF1 4 KB
2 KB 29ms
29ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1700601129865

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

429402e85739c02e3ecc1fd983f84647568ec0f53ec44acc773c8ebef0ed2ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1408
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame B5EA 37 B
139 B 42ms
29ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 21 Nov 2023 21:12:13 GMT

GET
H2

200

pd Show response
adpushup-d.openx.net/w/1.0/ Frame 09E5
Redirect Chain

https://adpushup-d.openx.net/w/1.0/pd
https://adpushup-d.openx.net/w/1.0/pd?cc=1

653 B
743 B

54ms
53ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 82fabd70d21ddb7ac0e3f61f45fb9d324eb1358ef264d839c737d6af3d4752dd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 412
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT
location: https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 532A 3 KB
2 KB 132ms
55ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 884
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 829bedffe84e0229-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Wed, 22 Nov 2023 01:12:14 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 10A6 0
0 31ms
30ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Tue, 21 Nov 2023 21:12:13 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A2D3 46 KB
13 KB 34ms
33ms Script
text/html 2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4c7dea702fcc7f49a0c9896c80e2c246c179e05c9c59785b003598b5e1a3a9d3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 02:00:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17326
Connection: keep-alive
Content-Length: 13229
Expires: Wed, 22 Nov 2023 02:01:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 6EF1 43 B
443 B 179ms
53ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x29 config_version:"3800" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x29 config_version:"3800"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6EF1 0
239 B 326ms
90ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 6EF1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6117488627336397699

0
340 B

59ms
59ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6117488627336397699

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
an-x-request-uuid: bcacc4e2-dadb-4cdf-ba27-1858f34a6b7b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6117488627336397699
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 6EF1
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=1

0
340 B

94ms
93ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700601134739086-604

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6EF1 42 B
679 B 51ms
43ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EF1
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5--AxHXlu3sNdDtmc5XYMvyVlWETmpw

170 B
188 B

958ms
957ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5--AxHXlu3sNdDtmc5XYMvyVlWETmpw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5--AxHXlu3sNdDtmc5XYMvyVlWETmpw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 6EF1 0
75 B 165ms
55ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 6EF1 0
0 82ms
69ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6EF1
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk

43 B
479 B

172ms
172ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 20FWV4ENZ18NZH074XS8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 6EF1 0
42 B 266ms
81ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:13 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 6EF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

0
340 B

51ms
47ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 6EF1 0
38 B 57ms
50ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6EF1 70 B
148 B 82ms
75ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 6EF1 43 B
145 B 53ms
46ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700601129865
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 inview.20190130.min.js Show response
js.genieessp.com/j/ Frame E382 5 KB
2 KB 353ms
349ms Script
application/javascript 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/j/inview.20190130.min.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 06:15:01 GMT
server: nginx
etag: W/"5c650765-13cd"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Nov 2024 21:12:14 GMT

GET
H2 200 jstag Show response
genieeintl-d.openx.net/w/1.0/ Frame E382 49 KB
18 KB 85ms
64ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://genieeintl-d.openx.net/w/1.0/jstag
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7b4bacaed5b476e469435d6812a4011d47d1ebe537a37935f195a8ac55f682d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18065
expires: Tue, 21 Nov 2023 22:12:14 GMT

GET
H2 200 gl1
ialaddin.genieesspv.jp/yie/ld/ Frame E382 43 B
245 B 329ms
327ms Image
image/gif 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/gl1?zid=1551001&asid=11030163&idx=0&cb=23e232797b&l=UcsfXWeGKC2tKk7OSsd8VubR7-q8lq8Q2_kwvekcAh5IANSC5RNxk8K2DHlhR7dH0u7EkQewOiXYD9lKyiZXcuzPIbZXlk8k6xutIwWM7nWI5gJQZ2MhsuykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnG2D4ZpjJILj-1grlquWjfxu1MtJ53LQQp04iEv-mfPx-RFRhoqqjsxZE-YgEmNYvlzmd-8osCSFnVg5bvf8VCKZquMMrOVdOtrRavgROIdx86QGlAqBwgEWn8usPF-kVJSA65OqdlK10Mo4jBCKEGyQrhrZGP-K4VZ6djf-BOL-uVWyGMZ4aGs0VEH1-kptVD_cebxhiuvRnRM-IOyj-TJ66xfaSRb20yb00I6v2cPWgBuXUsVKnEGMRroeLsp4Jnzq_vIqShGYW427LrznjJuFEMbeyQlAfW5zamp-CwKbvgaAyfFacZkF9awuKiU2ZHf5xVCPQ4Q4Th2DCiEKVUTgmVVcmDCpP1uadLmleIb-ysuOFCAvDoy_rQvnKQaLHg-tG4kE0_rAjW4-MuVwZmGhbWWtvGYNs7c4Q9MotPCt3Hvt5x8blhDHGXXyzrM773svgYUZmj8wl7L5Y2Ljd6BbBi8Oykpvld4qcU7hynZw3PEuuwprUZyqdpC7x4yPm3YpdHlEx3MX7JOLb4epk_k
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET

lcs
rt.gsspat.jp/ Frame E382
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
https://rt.gsspat.jp/lcs?lamp_sc=aladdin

0
0

GET
H2

200

acs
ialaddin.genieesspv.jp/yie/ld/ Frame E382
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA4grSU1wzEdLd4T4NVYMAySS9thpaTeZz1gkI0PZLPa2Uf6LIbHEV_YJ2SsmJfVsAg&format=gif

43 B
368 B

303ms
298ms

Image
image/gif

222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA4grSU1wzEdLd4T4NVYMAySS9thpaTeZz1gkI0PZLPa2Uf6LIbHEV_YJ2SsmJfVsAg&format=gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 21 Nov 2023 21:12:15 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 43
p3p: CUR ADM OUR NOR STA NID

Redirect headers

location: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA4grSU1wzEdLd4T4NVYMAySS9thpaTeZz1gkI0PZLPa2Uf6LIbHEV_YJ2SsmJfVsAg&format=gif
date: Tue, 21 Nov 2023 21:12:14 GMT
content-type: application/octet-stream
cross-origin-resource-policy: cross-origin
server: nginx
p3p: CUR ADM OUR NOR STA NID

GET
H2

200

acs
ialaddin.genieesspv.jp/yie/ld/ Frame E382
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzCw9viAzCcRY5VtQXlQjRuJrdUrYeZLRM3-T16Pq8tMVKRgi93IxmQmEswssOW15A&format=gif

43 B
365 B

304ms
299ms

Image
image/gif

222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzCw9viAzCcRY5VtQXlQjRuJrdUrYeZLRM3-T16Pq8tMVKRgi93IxmQmEswssOW15A&format=gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 21 Nov 2023 21:12:15 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 43
p3p: CUR ADM OUR NOR STA NID

Redirect headers

location: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzCw9viAzCcRY5VtQXlQjRuJrdUrYeZLRM3-T16Pq8tMVKRgi93IxmQmEswssOW15A&format=gif
date: Tue, 21 Nov 2023 21:12:14 GMT
content-type: application/octet-stream
cross-origin-resource-policy: cross-origin
server: nginx
p3p: CUR ADM OUR NOR STA NID

GET

ge
g.c.appier.net/ Frame E382
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
https://g.c.appier.net/ge

0
0

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame AC35 48 KB
12 KB 68ms
57ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1712797
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 829bee005938bac3-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2BB2 0
598 B 51ms
49ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
an-x-request-uuid: 489f3a04-96b4-4882-bd2a-3a425858a9b6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 44EC 2 KB
1 KB 914ms
914ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab4fe3b376386e6fee8df9a6434dfc2084c8d6f4fff6d91640720fe91cab953

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829bee006b7a2355-ZRH
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lwsnQE%2FIAZXl28NGG1pc2JTWX8fNFWR7KqDaT1Rf1GCW4zcrC8uA%2BZ3KZNAdiBvWKAraEMzxg6c%2FRHThDscphfimmgajwDXruKTSKeqybrS3M4imY6igswBi6nIuyCHce3dbDwZC00GiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 3F59 3 KB
1 KB 310ms
65ms Document
text/html 34.243.178.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.178.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-178-203.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 59ae2daba2b16406c2830d7049444a2965e1556722b95a724736cb143a2bbf67

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
etag: W/"0c37aab0d21fa500397e9c75f85d40818"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 73BC 4 KB
2 KB 48ms
47ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

8853db5acf3e2d030ffb09b494755494b39e30962db8baba57409e0ae81de277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1430
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 39C6 756 B
858 B 50ms
48ms Document
text/html 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 03d1722512070fa1de64d84159cd3feaf2a4d90bf530cfb95a0890744e986017

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 756
content-type: text/html
date: Tue, 21 Nov 2023 21:12:13 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2723 2 KB
1 KB 911ms
911ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae0672b3f9fb87888b233e11d3f2543e5b703225a86058ad29ab4625d7c5563

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829bee00abca2355-ZRH
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pKHKoiTyAA5t9aLjlGk%2B07IYYn0q8M1hfWgwbd%2F%2Bx7qd8c%2FZtFGeiwYWRnPOF0wahkNt7d281ckLUQiNHqAHAbz8DOul4A%2BmkTiqeRthLv6ib1GEzXWRun7At3Ed1vguoe%2Bs9PrPFbz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5313
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

80ms
79ms

Document
text/html

2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 21:12:14 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 283B 16 KB
6 KB 297ms
61ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=164669
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 23 Nov 2023 18:56:43 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 6ACC 1 KB
1 KB 767ms
165ms Document
text/html 18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: cf47117e9c6b03f0d5ac049a5700722b8478a3d430a41403f1651a0235a21798

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-encoding: gzip
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id: SuLT5LrJe9XFhbOXK9mXDJoADBnW28Bi_wJbf3MqfZOpDx9w7-gD9g==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 3

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame C526 0
160 B 294ms
59ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Tue, 21 Nov 2023 21:12:14 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 41F8 557 B
1011 B 750ms
153ms Document
text/html 3.221.116.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-116-77.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4e86a5449008d39da596983d0ddb8b2c3cfe3e68defa99868f6d9371594aec01

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=6117488627336397699

0
344 B

70ms
69ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=6117488627336397699
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
an-x-request-uuid: 38946352-d401-4cc8-bd8a-060368cb473e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=6117488627336397699
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=Hsf4sRZHbG0LQ1usQLObA6-w

0
349 B

82ms
82ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=Hsf4sRZHbG0LQ1usQLObA6-w
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=Hsf4sRZHbG0LQ1usQLObA6-w
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 15E4 0
277 B 313ms
41ms Image
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 21 Nov 2023 21:12:14 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame 15E4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700601134411
https://ad.turn.com/r/cs?pid=45&rndcb=3208530622

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5108559731008102379

0
344 B

162ms
154ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5108559731008102379
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5108559731008102379
Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=a8ecfce3-36f9-4102-9564-bbd02aada8cc

0
356 B

240ms
239ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=a8ecfce3-36f9-4102-9564-bbd02aada8cc
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-50
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.servenobid.com/sync?pid=332&uid=a8ecfce3-36f9-4102-9564-bbd02aada8cc
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

70ms
69ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Tue, 21 Nov 2023 21:12:13 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

0
366 B

70ms
69ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A
date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

services
sync.technoratimedia.com/ Frame 15E4
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-93426c00-e96b-38ff-88a5-509619b1c13c&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

0
366 B

71ms
70ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A
date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 15E4 0
34 B 63ms
57ms Image
text/plain 52.59.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 15E4
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

82ms
65ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 21 Nov 2023 21:12:14 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Tue, 21 Nov 2023 21:12:14 GMT

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 4 KB
1 KB 82ms
79ms XHR
application/vnd.apple.mpegurl 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
cdn-edgestorageid: 864
cdn-storageserver: DE-588
cdn-cachedat: 10/31/2023 19:01:47
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 301
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 399e0a2533f14a9d159d6088f19deed2
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 09E5
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wOZ6wMe3fcbb4X2Xz-tixcW2d8Hb5CuWwLehbRHB

43 B
122 B

99ms
93ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wOZ6wMe3fcbb4X2Xz-tixcW2d8Hb5CuWwLehbRHB
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wOZ6wMe3fcbb4X2Xz-tixcW2d8Hb5CuWwLehbRHB
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 09E5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2280356163980672860

43 B
106 B

116ms
95ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2280356163980672860
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2280356163980672860
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 09E5 43 B
855 B 180ms
179ms Image
image/gif 67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0aa20de1-2e2d-8eff-ab3e-1b79e2028bef

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9039ZHW9PHHMHMCHF22R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 09E5 70 B
148 B 87ms
86ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5274719c-3287-3505-6b30-99ee8a31400f&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 09E5 170 B
188 B 881ms
880ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UxYmEyNTYtZmJmMC02YmExLTdlZDAtYzM1NzQwZDM4ZTZm

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 09E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKp2_fw_qjHDLMzycP1ksgM&google_cver=1

43 B
106 B

171ms
167ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKp2_fw_qjHDLMzycP1ksgM&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKp2_fw_qjHDLMzycP1ksgM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 acj Show response
genieeintl-d.openx.net/w/1.0/ Frame E382 468 B
559 B 178ms
176ms Script
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://genieeintl-d.openx.net/w/1.0/acj?ai=22c68847-f828-444a-aac1-94970a240fe1&o=4315754131&callback=OX_4315754131&ju=https%3A//www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by: Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 92d2b99db818b60250bc51e5d98976062ac339e484a01ae149b53765b7f9ab4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 286B 0
318 B 101ms
100ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee010a0abac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 track
t2.teads.tv/ Frame 9A68 23 B
134 B 120ms
117ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.teads.tv/track?action=visible-2&vid=5976b637-ddbb-4b74-92fe-820771531737&gid=973884&studio_cid=185a10b0-df8a-11ed-a497-d5745f81ca65&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700601132141&cid=1027191&pid=169092&p=MPaILAg9vc0BSJaD5-nhKZy4a0d0ufOhKmQS2bu-GjBaxso7vigI4p1n7g5mDzLeeWfJDj9Yw_IXzcrRVp8xi1NZha_MjCfJSIT9eWR3U8eRs_IfovMlt-UXzt303sP8Wmi-NQUt47NY-udVlDMD83-PvrAeDofnq4IpKKaeVZLilo28wWdaiaOuYSlqUJSQAR5HJ3rJgO6bS4lu7SvWkPHBInTF9GNo9UxVBzHm0_9aaSG-AuF34GE8jxJHsysSOUuInCP0RD0YZpiNX0rnogcUKbysXY8UmI6jFEKf32E8UoSjEDqOZVbL3caNLOi_G6fB4hcprLFUliFIEk61o4jWQK2-EzV7jHvpzju4nLzrkg&cs=-398135088985764660105&slot=native&fv=1290&ts=1700601134199&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2

200

6826335903124322537 Show response
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 33F3
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
https://csync.smilewanted.com/set_partner_userid_get/smart/6826335903124322537

0
665 B

214ms
213ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smart/6826335903124322537
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee055ee8bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 21 Nov 2023 21:12:13 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/smart/6826335903124322537

GET
H2 200 sync
ads.servenobid.com/ Frame 39C6 0
344 B 99ms
98ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6826335903124322537&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 39C6 70 B
148 B 102ms
102ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 39C6
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0&gdpr_consent=

43 B
425 B

506ms
62ms

Image
image/gif

81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7aed8f7c-e32f-4048-a8b5-13738eb2fd65&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 837553
content-length: 0
expires: Tue, 21 Nov 2023 00:00:00 GMT

GET /
csync.loopme.me/ Frame 39C6 0
0

GET
H/1.1

404
Not Found

81a66732ddece2b186cdce7b6a45cef8.gif
cs.videowalldirect.com/ Frame 39C6
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dsm...

9 B
737 B

524ms
155ms

Image
text/plain

8.2.111.52
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dsmartadserver%26bsw_param%3Dcf2b5170-0a6c-45c2-8aed-c49a1595875b%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 8.2.111.52 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

Redirect headers

location: //cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dsmartadserver%26bsw_param%3Dcf2b5170-0a6c-45c2-8aed-c49a1595875b%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D
date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 73BC 42 B
679 B 70ms
65ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73BC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5_Lv_OAab0EjEWZzLghmKtvGAKBFpDg

170 B
188 B

880ms
880ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5_Lv_OAab0EjEWZzLghmKtvGAKBFpDg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_O5_Lv_OAab0EjEWZzLghmKtvGAKBFpDg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

0
340 B

72ms
70ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBQd2PDVqWeSiTQFIW8jEXk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 73BC 43 B
442 B 68ms
64ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x7 config_version:"3800" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x7 config_version:"3800"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Tue, 21 Nov 2023 21:12:13 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LP8U06J4-1T-IVXA&gdpr=0

0
340 B

38ms
38ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LP8U06J4-1T-IVXA&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LP8U06J4-1T-IVXA&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6117488627336397699

0
340 B

87ms
86ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6117488627336397699

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
an-x-request-uuid: 3197cda0-99d9-476d-8d2b-8b0038d03091
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6117488627336397699
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=1d6dc82131f6a8cd3f86b4dac655425&gdpr_consent=&gdpr=0

0
340 B

177ms
176ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=1d6dc82131f6a8cd3f86b4dac655425&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=1d6dc82131f6a8cd3f86b4dac655425&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700601134842066-532

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=6826335903124322537

0
340 B

85ms
84ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=6826335903124322537

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=6826335903124322537
date: Tue, 21 Nov 2023 21:12:13 GMT
content-length: 0

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 73BC 0
0 931ms
928ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 73BC
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=drZq60u6REgdz_lNdzdgbFHAJ3vdTKwytufauda0Bk0

43 B
479 B

150ms
149ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=drZq60u6REgdz_lNdzdgbFHAJ3vdTKwytufauda0Bk0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 56JB1D8P1ZRNJ8YZGRTS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=drZq60u6REgdz_lNdzdgbFHAJ3vdTKwytufauda0Bk0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET

Pug
image2.pubmatic.com/AdServer/ Frame 73BC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjQxMDc2RTEtMTQwRS00NzJELThCRjQtMEExQjRGRjNCMjJG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

0
340 B

88ms
86ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-fPv9eVxE2uEerP2q7pKruSe4uw0ffzbkiwzIxrg-~A
date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 73BC 70 B
148 B 92ms
89ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 73BC
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b&google_hm=Y2YyYjUxNzAtMGE2Yy00NWMyLThhZWQtYzQ5YTE1OTU4NzVi
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPfuVjPpvdtqYTytxM4mwyk&google_cver=1&ssp=onetag&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b
https://onetag-sys.com/match/?int_id=30&uid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=&gdpr_consent=&us_privacy=

0
340 B

102ms
102ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 21 Nov 2023 21:12:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 73BC 0
365 B 89ms
86ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=FkTIx2iRsgFWMRr0hdIYjC0BKVitVOCXGDau1EUs-uk
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

6117488627336397699 Show response
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame EB12
Redirect Chain

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
https://csync.smilewanted.com/set_partner_userid_get/appnexus/6117488627336397699

0
375 B

122ms
120ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/appnexus/6117488627336397699
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee01cae8bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: f355ab05-585f-4ede-b048-e104822c36f7
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/appnexus/6117488627336397699
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 337 KB
338 KB 96ms
95ms XHR
video/mp2t 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-164
cdn-cachedat: 10/31/2023 19:00:16
cdn-pullzone: 829957
content-length: 345356
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 633e3c64f586e7c9f741b55b85628bb5
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5313 46 KB
13 KB 89ms
89ms Script
text/html 2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4c7dea702fcc7f49a0c9896c80e2c246c179e05c9c59785b003598b5e1a3a9d3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 02:00:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17326
Connection: keep-alive
Content-Length: 13229
Expires: Wed, 22 Nov 2023 02:01:00 GMT

GET
H2

200

LP8U06J4-1T-IVXA Show response
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 24AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP8U06J4-1T-IVXA?gdpr=0

0
383 B

73ms
73ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP8U06J4-1T-IVXA?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee022b46bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP8U06J4-1T-IVXA?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 56A2 16 KB
6 KB 96ms
56ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=164669
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 23 Nov 2023 18:56:43 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

9fe3a0e3-7c5c-4e89-87d3-01066c8561f8&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame E1A4
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/9fe3a0e3-7c5c-4e89-87d3-01066c8561f8&partner_id=1010

0
544 B

209ms
208ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/9fe3a0e3-7c5c-4e89-87d3-01066c8561f8&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee055eeabac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Tue, 21 Nov 2023 21:12:14 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/9fe3a0e3-7c5c-4e89-87d3-01066c8561f8&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 5313 7 B
766 B 44ms
42ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LP8U06J4-1T-IVXA
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2

200

f73eb30a-02e2-0b9b-2d45-5e02f48de87d Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 8C2C
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/f73eb30a-02e2-0b9b-2d45-5e02f48de87d

0
430 B

176ms
168ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/f73eb30a-02e2-0b9b-2d45-5e02f48de87d
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee035ca4bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/f73eb30a-02e2-0b9b-2d45-5e02f48de87d
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 56A2 2 KB
3 KB 47ms
46ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44723177&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: dd96acac382a0703363ebdd555c193f13a8871f9dea6eba441c78f6251968fb8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
ads.servenobid.com/ Frame 5313
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP8U06J4-1T-IVXA
https://ads.servenobid.com/sync?pid=323&uid=LP8U06J4-1T-IVXA

0
343 B

111ms
111ms

Image
image/avif

54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=323&uid=LP8U06J4-1T-IVXA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ads.servenobid.com/sync?pid=323&uid=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=6117488627336397699

35 B
250 B

1930ms
68ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=6117488627336397699
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
an-x-request-uuid: 333bbccb-7f69-4925-a4a7-6f8774b22c3f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=6117488627336397699
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_051b9a9f-d38d-4696-923b-870787cc2d03&gdpr=0&gdpr_consent=&us_privacy=1---
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=283&user_id=ed584e3d-f170-4ca7-8825-3946a6af6211&expires=1&user_group=2&ssp=gumgum2&bsw_param=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&gdpr_pd=
https://usersync.gumgum.com/usersync?b=bsw&i=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&us_privacy=

35 B
250 B

1294ms
57ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=cf2b5170-0a6c-45c2-8aed-c49a1595875b&gdpr=0&gdpr_consent=&us_privacy=
date: Tue, 21 Nov 2023 21:12:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=a549d5ec-1a92-0d53-0c4b-890342614149

35 B
250 B

1856ms
65ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=a549d5ec-1a92-0d53-0c4b-890342614149
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=a549d5ec-1a92-0d53-0c4b-890342614149
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-39275431-5e1c-49de-7606-98b3a5db806e$cell

35 B
250 B

1285ms
81ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-39275431-5e1c-49de-7606-98b3a5db806e$cell
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-39275431-5e1c-49de-7606-98b3a5db806e$cell
Date: Tue, 21 Nov 2023 21:12:15 GMT
Connection: keep-alive
Content-Length: 115
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-yDgM1WhE2pcW61ghQlZ36ouhk3KdE4UspM2d~A

35 B
250 B

1794ms
58ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-yDgM1WhE2pcW61ghQlZ36ouhk3KdE4UspM2d~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-yDgM1WhE2pcW61ghQlZ36ouhk3KdE4UspM2d~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=9f2eefbc-d741-4e7b-8269-d799c9b6b93e

35 B
250 B

1925ms
49ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=9f2eefbc-d741-4e7b-8269-d799c9b6b93e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=9f2eefbc-d741-4e7b-8269-d799c9b6b93e
Date: Tue, 21 Nov 2023 21:12:14 GMT
Connection: keep-alive
X-CI-RTID: c9e31c49-0196-4c52-aef3-6d6dce00f9fe
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 3F59 0
44 B 941ms
197ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_051b9a9f-d38d-4696-923b-870787cc2d03&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_051b9a9f-d38d-4696-923b-870787cc2d03&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=iyBA3HdvaHybm7hlKm94&gdpr=0&us_privacy=1---

35 B
250 B

813ms
55ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=iyBA3HdvaHybm7hlKm94&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:15 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=iyBA3HdvaHybm7hlKm94&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=ileiZRwtJbDF&ev=1&pid=558355

35 B
250 B

1733ms
50ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=ileiZRwtJbDF&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
location: https://usersync.gumgum.com/usersync?b=pln&i=ileiZRwtJbDF&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-bxvnp
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3F59
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=6826335903124322537

35 B
250 B

2046ms
81ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=6826335903124322537
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=6826335903124322537
date: Tue, 21 Nov 2023 21:12:14 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 3F59 0
358 B 143ms
137ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_051b9a9f-d38d-4696-923b-870787cc2d03
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 318 KB
318 KB 51ms
51ms XHR
video/mp2t 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-51
cdn-cachedat: 10/31/2023 18:48:10
cdn-pullzone: 829957
content-length: 325240
last-modified: Wed, 19 Jul 2023 15:09:11 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 649
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 2d8842a52a892026b0d54b68fa0b28ac
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D117
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=8761265891034627687&gdpr=0&gdpr_consent=

35 B
208 B

122ms
104ms

Document
image/gif

34.243.178.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=8761265891034627687&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.178.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-178-203.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=8761265891034627687&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame F9F5 170 B
188 B 679ms
669ms Document
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNTFiOWE5Zi1kMzhkLTQ2OTYtOTIzYi04NzA3ODdjYzJkMDM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9F9B 16 KB
6 KB 165ms
162ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=164669
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 23 Nov 2023 18:56:43 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 9616 70 B
148 B 142ms
140ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 65D0
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZV0dL8Co5s8AADDexssAAAAA

35 B
250 B

667ms
68ms

Document
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZV0dL8Co5s8AADDexssAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 21 Nov 2023 21:12:16 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 21 Nov 2023 21:12:15 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZV0dL8Co5s8AADDexssAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad303.dc4p.scaleout.jp
X-SO-IP: 178.238.174.196
X-SO-Key: ZV0dL8Co5s8AADDexssAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"178.238.174.196","key":"ZV0dL8Co5s8AADDexssAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad303"}
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad303

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 8480
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o&pi=gumgum&tc=1

35 B
250 B

1460ms
65ms

Document
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 21 Nov 2023 21:12:16 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F6B5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

82ms
68ms

Document
text/html

2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2023 21:12:14 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B7FD 0
0 139ms
138ms Document
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Tue, 21 Nov 2023 21:12:14 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame A0A5 43 B
442 B 160ms
139ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x3 config_version:"3800" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 21 Nov 2023 21:12:14 GMT
Expires: Tue, 21 Nov 2023 21:12:13 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1143 599e619 master zrh zrh-pixel-x3 config_version:"3800"

GET

Pug
simage2.pubmatic.com/AdServer/ Frame E82E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 6156 43 B
855 B 175ms
163ms Document
image/gif 67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 21 Nov 2023 21:12:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: MJTYZDMRN96FCP0QBNGA

GET

Pug
image2.pubmatic.com/AdServer/ Frame D98D
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RMJ2fkOTcXhfxXEpS89ue0GSe39fwCcoRJM1SFvd

0
0

GET
H2 200 F41076E1-140E-472D-8BF4-0A1B4FF3B22F Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 85C4 0
444 B 177ms
167ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/F41076E1-140E-472D-8BF4-0A1B4FF3B22F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee035ca1bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:14 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 56A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9BB24RQORy2L9AobT_OyLw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

80ms
80ms

Image
text/html

2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=164668
accept-ranges: bytes
content-length: 5622
expires: Thu, 23 Nov 2023 18:56:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 56A2
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent=&ct=y

49 B
544 B

194ms
190ms

Image
image/gif

52.212.46.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 52.212.46.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.170
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.2.72
content-length: 0
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 56A2
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1586128853

0
68 B

82ms
78ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1586128853
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 google
last-modified: Tue, 21 Nov 2023 21:12:15 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
via: 1.1 google
last-modified: Tue, 21 Nov 2023 21:12:14 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1586128853
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 56A2
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDZhOEVoTUtwLUpSVHVoMjYtZXBlRFljUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=2280356163980672860&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

56ms
55ms

Image
image/png

34.249.25.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: HTTP/1.1
Server: 34.249.25.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-25-93.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:15 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 21 Nov 2023 21:12:15 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 56A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKCompvVr1aFOUcN3TtDGgE&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame 56A2 43 B
610 B 584ms
175ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Nov 2023 21:12:15 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 56A2 70 B
148 B 171ms
159ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 56A2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6142251128299967568

0
0

GET

SPug
image4.pubmatic.com/AdServer/ Frame 56A2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F41076E1-140E-472D-8BF4-0A1B4FF3B22F&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zSnE0PxE2uXMLtoc.HOPwCXaMdhSAR4-~A&gdpr=0

0
0

GET
H2 200 F41076E1-140E-472D-8BF4-0A1B4FF3B22F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 56A2 43 B
602 B 170ms
160ms Image
image/gif 52.213.173.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F41076E1-140E-472D-8BF4-0A1B4FF3B22F?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.173.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CD14 16 KB
12 KB 174ms
170ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cca98b4a0a35d7bf59246b8f18b3c41cab232da7ea44bddee2bfe0faa1841e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12434
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 975B 0
0 160ms
158ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZsAbtonIb59d7EXiAxni3wmz9oEZkzQdaqup_G373vOYKqpx4jIWaZXbw71DwssG_UtgVhXm2bq8HZrXGNJCsXU1T5l22WCe4mgIOqI1bLmCV_9hh1rBx_ZaKvPgEeY8q5nU6fxLX3MoteilHLspgpT1vI5QNFEnCmb3Pr-QZaFJnSU9-lUgReNU1D6Yrqd0LZkWGlEdmK8ONyuj8sJDBd9YoVs9V-nBpYW2SwYjJSF-luTspzH87_AAeasdm10O1xvu16_Ko6KZWu76nm2QexINLdm2Ce5LLsPyUBfTLY19kinvPNwTUHDPWcbEUCf9f1IfYH-PrPwnkalIKSoNWF1QnRZO3J_jK5MAvIxIg_2oaSzT8nSNIC7uYiKViMBtEoPNybv7vpJaOKKJ5ntxEgJmSvlhT8kkS2tPmkgjSI0b9q00zAU2tuYq0jWcL_ieck9HxSUVLwzDD5IhSAUgGlhCauIhDzDUBzf6UoXIFQEDeIwYuKwBHF8ZJ9AXcTyI5nW5XdYKY5li70svPSju10LOJI7gByTtk1zfeqJcHcqxsFqwBWdvi7eHBtgm8YZFOH-bSseO9XFdtw1FeNwIww71M3qOzSHotaTzVgbpnt19_f_Kmv1P1iCHALYUZfXUGez_O0PhGcV0i8aCExCzPGaT9XoINxcPikR_xNOl8D9fkRvSAXYpoDuqpflSnxjG_7fBj9BLqZO7ITt6_Xes0-AfNOF3HAIrjj2NdCnKC-ftzmavUA_CLbBUvSPQItl3NDObiAJJnQW-WiKGIthEbs72sbCZTAoC1n9Kekpf8o_9Sl_MCR9upd5aBT615F4g674v4_FfHTKIR0CK-hV3w5Q3DwnOc1r7qNVPJZDt-ilSZNySVVeqpohrSeA4tubXsuumA4VrhgoCDbLoZQ8kIocftPwOGqit2AZvdANsplU6w0PbIOduIYyIpB6YoX4d1VALX9rtugu_WSsuecCWd1fzHpwv1OEj5BRVTBm4oW39nyrZbDjMVrpT7HHkA_r4_XOL14BLUtkg3jDhq7hgb3u40UzabsSJQk_02c4mKYlajbEBaKLoP9gUDe7Fbquvd_p50Hs4ku7ynAjebaLbDcuoHs_yPZAXmayJrHKbvywuUqd5HhWe1Kf5IFS4dvDFVFYvNn5ihcasuEU82pu5LSlnV1iDiTFbi2NNB0AT6siO_gp0xwwM542MOG7unS9P1x99TEFHeRYAJwzCC7RqMgyVe6w_yS0ABTzNUL1Pr85z_TcB-GmkgdbhuoAuvPrYWihWX6oFon7pcRBrF_Ne2parFcpaogqip8FVvHSbyQKatKMHlr3kH01dTHBM2ea2Zv-AkNIUPRq9Z17fD_GBwRVpf0yusR7Q_9DTl_JYVgoYekEvdrDqq97_uqceUYh-UMuRq58FOENefsU1E2LaoJFYHwO1SuY4x3ErGx8oaL0L6StvnFw&sai=AMfl-YS3zPxESCbzYTCDZUdjdvCsuh4ugGakzss_so3YC1WL9DoJ6--FQqA_04ltcUoWBs3H7QUAQraayGFBwPryxtxjHjtLTx_TZjqgKVtdG5zaomUbs4kG0hWsIQof26V4xMA4glNrlgiMlIMt7kcgwPn5m6_CxwTGwMwY9yTOMFsGnrMTVwpa68cwM1pKmxS-dPnvu7oLcwkJr6ESggknyJJsv2wLyxrcmbSebMIETEq-anwbaykUSg-kyO9KKowhys6Y_UO5oJORGEw_ThgP5LgG3cHhU39Ayg&sig=Cg0ArKJSzIlkCpcw5ulHEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1411&vt=11&dtpt=813&dett=3&cstd=1402&cisv=r20231109.89675&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html Show response
s0.2mdn.net/sadbundle/7196943425541767168/ Frame 9F70 4 KB
2 KB 132ms
130ms Document
text/html 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7196943425541767168/CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc25262f1277646f3a456c79946112b106b0b8b47bcf9abe3add99c8a8f1761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 78944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1417
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 23:16:30 GMT
expires: Tue, 19 Nov 2024 23:16:30 GMT
last-modified: Mon, 16 Oct 2023 09:15:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET cookie
cm.adform.net/ Frame 83C5 0
0

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 16FE
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

54ms
53ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee099be7bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:15 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Nov 2023 21:12:15 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2

200

VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame FFD4
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o?pi=smilewanted&tc=1

0
524 B

282ms
281ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829bee05bf68bac3-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 21:12:15 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 21 Nov 2023 21:12:14 GMT Tue, 21 Nov 2023 21:12:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/VRISRUUh4seifCCStpRJk-iqfGHvjGSgvJr4LyBVu3o?pi=smilewanted&tc=1
pragma: no-cache

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CD14 17 KB
6 KB 58ms
58ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:12:14 GMT

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 391 KB
392 KB 92ms
92ms XHR
video/mp2t 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
cdn-edgestorageid: 755
cdn-storageserver: DE-664
cdn-cachedat: 08/02/2023 03:56:22
cdn-pullzone: 829957
content-length: 400064
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 86
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: ce102b125c78eb7a708a03264c320e9a
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F6B5 46 KB
13 KB 93ms
93ms Script
text/html 2.16.97.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-239.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4c7dea702fcc7f49a0c9896c80e2c246c179e05c9c59785b003598b5e1a3a9d3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 21:12:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 02:00:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17326
Connection: keep-alive
Content-Length: 13229
Expires: Wed, 22 Nov 2023 02:01:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A16 13 KB
5 KB 97ms
95ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 12421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 17:45:13 GMT
expires: Wed, 20 Nov 2024 17:45:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE12 829 B
794 B 115ms
113ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

7b7c713ace702179050ef875089056b861c4bb34f18e9023b39c158ebd689cb9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YGhH5uG2OO2T2P4wX8bS6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YGhH5uG2OO2T2P4wX8bS6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:12:14 GMT
expires: Tue, 21 Nov 2023 21:12:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET 652cf45a843eb9eeda7667ce
c.bannerflow.net/a/ Frame 9F70 0
0

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 320 KB
320 KB 79ms
76ms XHR
video/mp2t 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
cdn-edgestorageid: 860
cdn-storageserver: DE-576
cdn-cachedat: 07/16/2023 19:53:18
cdn-pullzone: 829957
content-length: 327308
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 276
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 8cc3ed7d1d5a79fa5ceb2d9b3e83205b
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET

cs
cs.yellowblue.io/ Frame 41F8
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=eef3548a53336fa2df689a6b7b2ae3&gdpr_consent=&gdpr=0

0
0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 41F8 0
34 B 76ms
74ms Image
text/plain 52.59.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame 41F8
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F

0
329 B

181ms
180ms

Image
application/javascript

3.221.116.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-116-77.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F
date: Tue, 21 Nov 2023 21:12:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2 200 sync
ads.servenobid.com/ Frame 41F8 0
340 B 211ms
209ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=IdrQNQz-Cp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F6B5 7 B
766 B 216ms
215ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LP8U06J4-1T-IVXA
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1676229551982840531227

0
485 B

293ms
291ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1676229551982840531227
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: Xq_6u1ekEicvHTSNQDsXwsyV0TJOtT6X5dufY3gm_ekK3W3MgqrttQ==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1676229551982840531227
date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=cb2d9398-4d15-0a51-13a8-8019ca32caea

0
484 B

187ms
185ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=cb2d9398-4d15-0a51-13a8-8019ca32caea
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: nLEVRIG-USsiNfJ2vS6y-JWu2zg7jy-Q9_-_1Mtai_AnqfTs23W9SQ==

Redirect headers

date: Tue, 21 Nov 2023 21:12:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=cb2d9398-4d15-0a51-13a8-8019ca32caea
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

0
532 B

305ms
301ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
x-reason: missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: M933ILiLb-W-eZ94F7BVrmnw4m9gwYRoVZ9DCjx7Fc-QelDDDTxrKg==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date: Tue, 21 Nov 2023 21:12:14 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F

0
485 B

181ms
181ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: EL74xQmLqnjDEoc1WNfD9b_EWEu_9KZpyfTwOAEtK7nSGRctfyttzA==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F41076E1-140E-472D-8BF4-0A1B4FF3B22F
date: Tue, 21 Nov 2023 21:12:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 117
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV0dLY-vVZAtHMOMJZdEkQAA%261188

0
486 B

185ms
184ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV0dLY-vVZAtHMOMJZdEkQAA%261188
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: 9ZwnW7xcpDpjr-Hs_YjB3B5rfMxSuVES9cOJGVq6bx3myvP7NT8-yA==

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oQ%2B2OAqFT2x3IEbhw6tdtD2crwOwMIt4jOGZlVDKtTL4g4Zm9QNvvD5xyTqJNTXTXoI%2B8AjCWRvuEldzTeK4hhw4%2BD9Nhhuv40XNAgnHAhVKSm%2ByxV9oEs2NcQB7KyyaAo6eGe6QvcnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV0dLY-vVZAtHMOMJZdEkQAA%261188
cache-control: no-cache
cf-ray: 829bee056c452355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 6ACC
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f4ce7a562280a01b4554a29d45f5baf5

0
486 B

295ms
292ms

Image
application/javascript

18.66.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f4ce7a562280a01b4554a29d45f5baf5
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-127.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: Flrc5LuJbg_KSzi5dBEb72ijCMwcOyJuuP6IUMadVXxsIjyNFEgzHQ==

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f4ce7a562280a01b4554a29d45f5baf5
x-kong-upstream-latency: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 6ACC 0
277 B 110ms
108ms Image
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 21 Nov 2023 21:12:14 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 sync
ads.servenobid.com/ Frame 6ACC 0
341 B 198ms
191ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=pA9QN1--Cp_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A16 39 KB
15 KB 184ms
184ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE12 0
0 263ms
262ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3671286886322135&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 44EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1

43 B
734 B

56ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9WPy6zGT%2Fd4Xg8InvNKFXela72Ht4D5O%2FZcdrZ4T6k8FJJuXCawxI9FKlABEFiO6dAcqYbQm1y9EjiMJQf6Q96EAOEzCwUH2uMjDeauOeLMgLyhrzm4xvGkjT2EyI%2FwXy2IXipG6qmFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bee08aa8c2355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBeceUd0q-WGLbZTXzaTGVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 31327
i.liadm.com/s/ Frame 44EC 0
0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 44EC 43 B
855 B 179ms
177ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7S3Z6FXEZEX8JPEFZFVR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 44EC 70 B
148 B 81ms
80ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET tum
ums.acuityplatform.com/ Frame 44EC 0
0

GET bridge
cm.adgrx.com/ Frame 44EC 0
0

GET indexexchange
trace.mediago.io/ju/cs/ Frame 44EC 0
0

GET indexexchange
sync.adotmob.com/cookie/ Frame 44EC 0
0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 44EC 43 B
252 B 84ms
71ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZV0dLY-vVZAtHMOMJZdEkQAA%261188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 66400
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 829bee063c260229-ZRH
content-length: 43
expires: Wed, 22 Nov 2023 21:12:15 GMT

GET 31327
i.liadm.com/s/ Frame 2723 0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2723
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6117488627336397699

43 B
733 B

222ms
221ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6117488627336397699
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMKug5f4J8iHhS3iKHMRwN6nfXEcDHr89J6j4GSM3hDE0X07ec1bfROSTykLLfjR9j3xzcx%2FROngS1RUX7ghANAOBz%2FB2b32u3%2FVzExb8nlMpvMf6BBtJSbqa4ACq5r4Z9FuRto2ACXEmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bee0758022355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
an-x-request-uuid: 80a76d94-ecb8-4b63-a937-c25b202374a9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6117488627336397699
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2723 43 B
602 B 144ms
130ms Image
image/gif 52.213.173.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.173.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

u
1f2e7.v.fwmrm.net/ad/ Frame 2723
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1d6dc82131f6a8cd3f86b4dac655425&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...

0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2723
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6826335903124322537&gdpr=0&gdpr_consent=

43 B
735 B

193ms
193ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6826335903124322537&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8efU%2Bs1C4h1c%2BNxV4wWSGDb9D58B%2FTgvxvEbYWQVJ%2BIZc1tbcnjgovOrIA9knLPhfl01xfwxzhhf9s315YY8bkD2WyQKthgLt1X14XXJV0hAoHNQik9AX7RXX454JtSDvGq1BrVDB9z%2FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bee0778502355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6826335903124322537&gdpr=0&gdpr_consent=
date: Tue, 21 Nov 2023 21:12:14 GMT
content-length: 0

GET bridge
cm.adgrx.com/ Frame 2723 0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2723
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DF48809933F421289E3473EE520EC7C

43 B
740 B

222ms
220ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DF48809933F421289E3473EE520EC7C
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev1vhfE66gF%2BUYbW7weTZo0FlXwQbbSn1%2Fl7%2B2RtwiTWHPDjkxqK57o76D9XRu8lM2Nw6AGSv%2BdG7wgn7s1YW48lV%2Fih7qmK%2Fffhp%2FYk6NELMs4urgsC6quowppzbgNELU5%2F2kkmy%2B5etQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bee075fff2355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Tue, 21 Nov 2023 21:12:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DF48809933F421289E3473EE520EC7C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Nov 2023 21:12:15 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2723
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2280356163980672860&expiration=1701810735

43 B
731 B

148ms
148ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2280356163980672860&expiration=1701810735
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUhZZXrXLUiy2J44qHKfp4Sd24y3cfljR5Nao1ommugI7kP8DwCjcnAkNMS%2BEld4F1ZhJm4iPtwvuWE9ykKIsg3dVtjGZwEZuo5TnRa0TF7VOmRHQj7pWzElnXRlIQVfznMtqHwSpGlTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bee06ff652355-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2280356163980672860&expiration=1701810735
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 2723 0
357 B 240ms
237ms Image
image/avif 54.76.122.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZV0dLY_vVZAtHMOMJZdEkQAABKQAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2BB2 0
597 B 200ms
191ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:12:15 GMT
an-x-request-uuid: a7a1bc4e-1cbc-4d8f-a817-c990f3da00d2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.238.174.196; 178.238.174.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F6B5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP8U06J4-1T-IVXA
https://usersync.gumgum.com/usersync?b=mag&i=LP8U06J4-1T-IVXA

35 B
250 B

1485ms
55ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LP8U06J4-1T-IVXA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 21 Nov 2023 21:12:16 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LP8U06J4-1T-IVXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2 200 track
t2.teads.tv/ Frame 9A68 23 B
134 B 139ms
138ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2.teads.tv/track?action=visible-3&vid=5976b637-ddbb-4b74-92fe-820771531737&gid=973884&studio_cid=185a10b0-df8a-11ed-a497-d5745f81ca65&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=73848af5-73b5-4f68-a0a0-b2953cc1f2ce_04bf4037-2c6c-4989-b93a-250dc2763772&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700601132141&cid=1027191&pid=169092&p=GmRD427ysqaWt6BqOJZrE178T89YWyH3KxhhOtkF5RPfBp3CRKVBju1m9kJO52QRFxnyEK_f0v3e8AZuF4eX4MAwJN27Lt4dGkA40GIb3OMq5TFCZf7c7s-TtOe8Hm3dTCXVc6BZuKxysVUmkcUG5evKhFGS_7b47sG1oqWNZPkQj1nz9T5hRvh9Nymttnb613lIA2cOMCcgmZ1KhbfttfDPbsTOm_ojhZmKqp_kRlSpcOfkGjCU-uvPm7kTq-g-vzutJbj8gOikZYma02McRVEdbOMY8ULnde_wNzijR9RthkMYyZbvDmDxvhUstayJ6ImkLknko6vj0fguDaaSI3iKaM2o8ImxUwzaoz_IzyJIXA&cs=-739279287450615841205&slot=native&fv=1290&ts=1700601135201&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2F300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 21 Nov 2023 21:12:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 0A16 0
41 B 94ms
93ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rI-VNA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/300duo-mo-ren-deng-bu-dao-mo-de-na-yun-jiang-nu-biao-cai-zheng-fu-zang-hua.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video4.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 333 KB
334 KB 43ms
42ms XHR
video/mp2t 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:12:15 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-661
cdn-cachedat: 10/31/2023 19:00:04
cdn-pullzone: 829957
content-length: 341032
last-modified: Fri, 09 Dec 2022 05:43:16 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 82e8ee6a0ca91b864253f395779031a2
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET ads
pubads.g.doubleclick.net/gampad/ Frame 737B 0
0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975B 0
61 B 111ms
111ms Ping
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5133354746339&version=m202311060101&ct=76&x=1&cor=2788183184196237300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS