www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://hjg1zc.llsdzktnxwnnr.com/
Title: Ringe | Gesponserte Links

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://cdd1e2.zbrjtstrclnm.com/
Title: Schwimmbecken Whirlpool Angebote | Gesponserte Links

URL: https://electriccars-ch.com/
Title: Elektroautos | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&ri=e7f6ab3e53a650d09f90e5f95d8fb450&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&it=text&ii=~~V1~~8312721823682263634~~frM0VtgnMELOz4-FnPTfVc3EBxGGMyn7pLxMXP-s8HHpZyC7dGVdvKnSHsaHrNsFr6KHfhMNDc_prPncQ7T8QBLbjIP0R1GoNPTyITCKivdzvbumNitnR1sJVmzbszz_sRk1I2x0esEumtsSzHbmN-47htvcERiHnGtIaxOC_ttc6FsLgacAW-3MdMM9IR1PTZmfHmbmRr17o5Ad-JuTyGNj-8m6MKXKpYR_soooARs&pt=text&li=rbox-t2v&sig=e998ac93112e9fce433578a1009b5d2cd9f629886508&redir=https%3A%2F%2Felectriccars-ch.com%3Fsub1%3D25425500---delimjuwe---3697319599%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiBQwHBiKVVjANwvPh34F-ZpLkptiMjpUSnrzZKE0rkIUiDkpl8oh7yzwYbMkbQh%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DVolketswil%2BNeue%2Bkleine%2BElektroautos%2Bf%25C3%25BCr%2BSenioren%2B-%2Bder%2BPreis%2Bwird%2BSie%2B%25C3%25BCberraschen%23tblciGiBQwHBiKVVjANwvPh34F-ZpLkptiMjpUSnrzZKE0rkIUiDkpl8oh7yzwYbMkbQh&vi=1694373517127&p=ajaskagmbh-search-sedo-electriccars-sc&r=8&tvi48=10143&tvi50=11104&lti=deflated&ppb=CBs&cpb=EhMyMDIzMDkxMC0xNS1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNzc4gOyJgAlAstANSNCIEFDcnN0DWP___________wFjCNA3EJ9PGDBkYwj-SBC2YBgBZGMIykEQ4FYYMmRjCNcWENUfGCNkYwjcChD7GhgWZGMI0gMQ4AYYCGRjCKNNEIRmGDhkYwiWFBCgHBgYZGMI7wMQiwcYCWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGSr6CEqDE&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 35

https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_pre=CN7Tr53hoIEDFa_dEQgdNHYEIQ;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co

Request Chain 99

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp&cc=1

Request Chain 129

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Df643c8a7-90b8-4c83-a6eb-def6befec6e7%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=f643c8a7-90b8-4c83-a6eb-def6befec6e7&p_id=23

Request Chain 130

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f643c8a7-90b8-4c83-a6eb-def6befec6e7&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f643c8a7-90b8-4c83-a6eb-def6befec6e7&gdpr=0&gdpr_consent= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-t8B2O7PAyzTGpI2jSTOFWFq1cW_x1g-uZjLTHg&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&p_id=15

Request Chain 150

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LMDU8UW0-9-APHD&gdpr=0

Request Chain 151

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5807369807400848501

Request Chain 152

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=b02df6d827f8b4427a47753ae053ea66&gdpr_consent=&gdpr=0

Request Chain 154

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABioCIHo4-p7EupJnFBIymNV6zVUsCmkyAWA

Request Chain 155

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=1986005891918530209

Request Chain 157

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4

Request Chain 158

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODQ1MTYyODUtNTk0QS00RjE0LTkxREQtM0M0ODBDN0ZENDMw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=84516285-594A-4F14-91DD-3C480C7FD430

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC0lDroeHzqUA0qFv7CfTBU&google_cver=1

Request Chain 160

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-r63_h15E2uGBnTFLDIxitwhRNMobmByNAlk.BNY-~A

Request Chain 162

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=6776225725578472426 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=223de8c9-780e-52fd-9426-579bf0d84114&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 163

https://ad.mox.tv/delivery/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5

Request Chain 176

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=56992873382673490

Request Chain 177

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128&dcc=t

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC7iiSS0HWhQAcnB8EUKnUQ&google_cver=1

Request Chain 186

https://pr-bh.ybp.yahoo.com/sync/taboola/05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4j2I3nJE2oQynmiho9I6GtMQOmVEQMpncyZBTQ--~A

Request Chain 200

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 202

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 209

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMDU8UW0-9-APHD&gdpr=1&us_privacy=1---

Request Chain 210

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTk0MWIyNjgzZWEwYTg1ZWEzZWE4MzQyZjhhZmZkMzk0OGVkM2JkZg&gdpr=1&us_privacy=1---

Request Chain 211

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 212

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JPDBaNyiYPW1uqAt_jNV2g?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8z7BWNNE2oI__v0wfmD5VqUwV2ZwIAQ1XyHKWg--~A

Request Chain 213

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1EVThVVzAtOS1BUEhE&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEGOM-1HDP53LERfuz_J2UZI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EVThVVzAtOS1BUEhE&google_push=&gdpr=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECaS4_76tR_Y6_zgEiBWhxw&google_cver=1

Request Chain 215

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMDU8UW0-9-APHD HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMDU8UW0-9-APHD HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4916c726-30ca-3d67-8957-4f018615b02e?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-oFb7QelE2oVYBfwHX_Ex7lDCkzy7CiItF2zXNJA-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 276

https://onetag-sys.com/usync/?tag=img HTTP 302
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&google_hm=MTRkOTBiNGMtMGJkZC00M2E2LTlhODItOWViZmQyMzlkMGM0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECuBqMBW2-Aqlk6LknWyHvk&google_cver=1&ssp=onetag&bsw_param=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=&gdpr_consent=&us_privacy=

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_cm&google_hm=ay1IakhYWHJQQXl6VEdwSTJqU1RPRldGcTFjV19rdy1OM0ZWYy1fUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

Request Chain 355

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

Request Chain 367

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1

Request Chain 368

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=as3bPCXDeBwcu3gECljzjlTIhqdT_I0g

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_cm&google_hm=ay1IakhYWHJQQXl6VEdwSTJqU1RPRldGcTFjV19rdy1OM0ZWYy1fUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

Request Chain 380

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

Request Chain 392

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1

Request Chain 393

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bFYLpaXmLYUBbBL6g_Sgx-0kDPjIgSmf

Request Chain 404

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=abRzkenVgAs5Yn6xIbDbhLF4nPobcfXj

Request Chain 405

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=memZjYC1qEi28Zw9qS1jmTxasaTcCLzP

Request Chain 406

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xb9fli8kPEBlUFFYz6tt7y1y-Sxa2oxx

Request Chain 407

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=umTLfSWz9F2uMzS1BDCf6OlIbcmrCUER

Request Chain 432

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=zBTVGeoTxhwkqHhdba5wcg==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 434

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx

Request Chain 436

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ut4ntL3ceOOhiXGyuNJs4brecbWh3ifg7480P-vH

Request Chain 448

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/223de8c9-780e-52fd-9426-579bf0d84114

Request Chain 450

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/56992873382673490

Request Chain 451

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/78ead458ecfcf9aa1fc3a97ccbc3c759?gdpr_consent=&gdpr=0

449 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html Show response
www.bg3.co/a/ 71 KB
20 KB 4428ms
3278ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 243b21af929a41d249f46b0337526c6e78644c7d97eb71e69c21cb9d8438dc8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Sep 2023 19:18:34 GMT
etag: "11ac9-75z0gG+F35tM8v5h0ZfRElyj5TE"
expires: Sun, 10 Sep 2023 19:19:34 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 629ms
116ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72941
x-xss-protection: 0
server: sffe
etag: "1fd4dd9eff57c430"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Sep 2023 19:18:37 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 595ms
82ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9642
x-xss-protection: 0
server: sffe
etag: "02dd63e520ffd2e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Sep 2023 19:18:37 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 572ms
81ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7559
x-xss-protection: 0
server: sffe
etag: "7e5f99ff05e5cd4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Sep 2023 19:18:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 658ms
101ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1234303838334e427b411616365590e32156e390079403cd751f6f28d9b72363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29180
x-xss-protection: 0
server: cafe
etag: 150 / 19610 / 31077595 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 19:18:37 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 252ms
60ms Script
application/javascript 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 16:30:31 GMT
server: cloudflare
age: 16346
etag: W/"64fb4c27-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 804a0490dcc2ba83-MXP
expires: Mon, 11 Sep 2023 02:46:10 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

608ms
68ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1942
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QtA1YtWrk8fZoGI0MnVczPWDEinbOZo2hNnqR%2FaR8%2BLBJwwBTuO5SCawIyaWnPs6QlD84EcDiRFFWwY36f17thlRsx3fBqaSEY%2BvEjDHrZeig55h4axpNe07iTNJ7jKQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 804a0496fd2a3747-MXP

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
11 KB 288ms
30ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: 8ac725e65ffc1ec69e837b787858bee885c54e054b89c662bd5662075c5f5e4a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Sun, 10 Sep 2023 19:18:36 GMT
content-encoding: gzip
age: 2294
x-cache: HIT
x-client-device: desktop
content-length: 10576
x-ap-device: DESKTOP
last-modified: Sun, 10 Sep 2023 07:00:43 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: RU
expires: Sun, 10 Sep 2023 20:18:36 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 662 KB
140 KB 874ms
83ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Sun, 10 Sep 2023 19:18:37 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Fri, 08 Sep 2023 14:04:50 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1694373517463_389467673_767672139_492_1401_122_48_146";dur=1
content-length: 142572
expires: Sun, 10 Sep 2023 20:18:37 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 524 KB
54 KB 237ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 610949c7fe39091397f02b592bbe87f7aa7ea98d90052657db0e0ac35782225d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JtUQH8kQ8JPVuFC99uZIqvMjt2F0gFvU
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:36 GMT
x-amz-request-id: 4MAJXR398033XA7A
age: 17341
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 54715
x-amz-id-2: V57e4NYZpN3F0tFD3SCFFL1r3I5PRcL8Rf3Z9wDE6Kmd2hKytDFBCYelv1bOWZLSK7udVvwOjT4=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:29:20 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373517.936543,VS0,VE0
etag: "e7b9868e2af79fe29e482e79ee86ece0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 98
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
592 B 240ms
221ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=D6E03412C03F4FEF04895D083131AD84&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&t=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=4716&sc_rum_e_e=4721&sc_rum_f_s=0&sc_rum_f_e=4714&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 804a04918dffba83-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl.20230910-15-RELEASE.js Show response
cdn.taboola.com/libtrc/ 805 KB
167 KB 51ms
51ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c422945f8889365957851e4719699bfcaf357d50e3091beddc0819f76100ae9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1Zpt0M8ls0eVsg0Y8R71y3TgUSj4Ng3X
content-encoding: br
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: J179SEGARMJRDRBY
age: 18480
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170321
x-amz-id-2: JFXjxHNyztH4OlrUY54ukrqRBBLbnuqYhb8tuN3Ei9L9nFUHNxWpeN/LujV7AWonQSvUZj44kQg=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:00:09 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373517.047390,VS0,VE0
etag: "ce240666ac5977bf5b6c7a243ef9b67f"
vary: Accept-Encoding
content-type: application/javascript
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 53348

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 560ms
62ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1694373517.dop149.fr8.t,1694373517.cds292.fr8.hn,1694373517.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 642ms
69ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 227987
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 73 KB
18 KB 429ms
407ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=21%3A18%3A37.132&lti=deflated&data=%7B%22id%22%3A957%2C%22ii%22%3A%22%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694356120872%2C%22vi%22%3A1694373517127%2C%22cv%22%3A%2220230910-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html%22%2C%22vpi%22%3A%22%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5208%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A5106%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fa7e96f3f125707248a563148de4e3963a16790eef53ab5725d54fd65d1d0a7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 364
date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 1.8617021
x-fastly-to-nlb-rtt: 59432
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220085-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1694373517.165376,VS0,VE364
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 37ms
37ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19336
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Sep 2024 13:56:21 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 562ms
55ms Script
text/javascript 99.86.164.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.164.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-164-217.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Sun, 10 Sep 2023 03:41:04 GMT
Via: 1.1 783a2e1eae90b7e367c282f984f64e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-C2
Age: 56255
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: NhZYfIRhVpohX9jYmENSpGD1Q-VQjJ38AfE0twiWExhVCUa5pQcAyg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 577ms
71ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: DZ733E8TTZ7SG4FA
age: 5
x-amz-server-side-encryption: AES256
x-amz-id-2: nN6Gk3FwfXeIF/Grp2NxGQawjCk/tIPjc7BmC3AdATaD7bV0Kpd7FKxjR/ntCHnwTAikKxSAAbm/tjtUe+vCjQ==
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 804a04980b6bbb1a-MXP
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 583ms
77ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23666
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKsmvLAwuuqnepXjuQ3FgrmPDcz%2BgL8BYDbrAsycK846MBqO1TB0I6T4VK0eGvQ5vuCMxZbXI5QIS%2FppZpC1qe%2BCRlWhiYL2g4IFfpCCgh%2Bnr1zAv1uBaVrZFjyQgs4UGLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 804a0497ff6f526d-MXP

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 581ms
76ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Sep 2023 19:18:38 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 199ms
36ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:27:21 GMT
content-encoding: gzip
age: 1176676
x-guploader-uploadid: ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 27 Aug 2024 04:27:21 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 150ms
150ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3701191947948741&correlator=1511543656974816&eid=31077099%2C31077595%2C21065725&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694373517524&lmt=1694366317&adxs=220&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&vis=1&psz=760x0&msz=760x0&fws=0&ohw=0&ga_vid=227825893.1694373518&ga_sid=1694373518&ga_hid=1609667580&ga_fc=false&dlt=1694373516688&idt=808&adks=3605545259&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

ea8342a614f840b9552661fd5b696b38c1ee2b32248ccc8dce5a38f8404462eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12503
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
35ea06a4f37641457243cef871220669.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5637 6 KB
3 KB 588ms
39ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35ea06a4f37641457243cef871220669.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:38 GMT
expires: Mon, 09 Sep 2024 19:18:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 em-dividers.js Show response
cdn.taboola.com/ui-ab-tests/em-dividers/ 525 B
718 B 26ms
26ms Script
application/x-javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eef130cd4b5772a252c5c9feda8c7910b5e1e52cfa27887886043ab266421fc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sjeR0QHxVVhmbXj4Ta24d3lgzrgkEVFb
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: YQ4TQ7VSSE224A1W
age: 21290
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 302
x-amz-id-2: fOQjiSpyw2Sl+1OFyh8EZCfLoaz4ZjwdJa5cuxXDGThxVKwbb/DwIZWvYcML3LSikHiATx/l+Hk=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Thu, 07 Sep 2023 13:04:44 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.588985,VS0,VE0
etag: "b61500489eba4791761a166933bed4be"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 23
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8645

GET
H2 200 em-dividers.css
cdn.taboola.com/ui-ab-tests/em-dividers/ 227 B
410 B 27ms
26ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 033718a2aa071240f6adb758d23ca70c8be35d1b2e94fa7c954e3fea0f784214

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5AkA33kr1wqaJzT5Gdn21Ilur1WaPXkm
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: YQ4QDF5A67NEYBCA
age: 21290
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 121
x-amz-id-2: mqQfmRzKK9x0m5OwkJ2yndcIFPspD02KmjSt/DsqkmSHZZqNfL97c3as8JjrRUO1wm7lakBoKY0=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Thu, 07 Sep 2023 13:04:43 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.588951,VS0,VE0
etag: "ddefcd559750f79096b30cfed7078537"
vary: Accept-Encoding
content-type: text/css
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8628

GET
H2 200 floating-unit.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 35ms
35ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d68cebc954d5960fba081e29d978407b2557ddff0d6373feb7d28da17f7cfb17

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _5s94pGBFPhRcJWk6ddiRCO9jDwkf8Zn
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: 5DABXBQCNEHEFBQ2
age: 17078
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: R6ffFHbBkFqK+6e/QhQXuB14tbOFFSfi0ixPyyscGxdFRRRvELzhDTc7yjYmJ19E3WX9Wni33Pk=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:34:00 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.598574,VS0,VE0
etag: "730845a05db05e2f76f18801e91b8fe4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3761

GET
H2 200 taboola-vignette-new-scanning.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 32ms
32ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe1f319490542fde8daf7c62ca628c32f7206d06f7dd27471eb82946014ff9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: L2cU8YvUo5Hjt14zc8H0M8lXo4QXeNx.
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: E1BRVVD0MNS5ZFCT
age: 17060
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8020
x-amz-id-2: IBS/zm1lJDJmseVLXo0jNCp6fJvzAmLhfYRloq/3rn7prhpyY0BYOIQbt8RNvWH8ryXp75Y8aus=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:34:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.598542,VS0,VE0
etag: "9781dc905c3e486c37494390d2aa43b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2284

GET
H2 200 distance-from-article.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 61ms
58ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f199f10481768fbdfa8bfd7d46bad0debdc50ff26c2ada4cbaa9048162a3d5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DIFcoE_Bnkx1Xv7geau35ZENeBQ5bd1T
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: 74HC634HQE6G9457
age: 17088
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: J0EEjn25zSoX2cjuuhXCOiLtqQOh3Vij/OIdPzUY4wSDrf1RxK5XhohcsRyevySQ+bq6AM2dXIY=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:33:50 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.617762,VS0,VE0
etag: "aec499cc77d238444594c7f0effa66bd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35358

GET
H2 200 article-detection.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 74ms
72ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92e497f0152ef60a1741b07a2a3630882a6e28770386aa1a68c5c07c2b23e656

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0y8Fj8sCUdot9LHQbh6PMqksPg9QsE44
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: Y4A56RQJ1S4KAWNX
age: 17094
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: /pX0rcuHDOdTMJ8q67bzCDRfU1TMe/HlxWf2wnteWMcX6mk+FjAOcW+h4WAfMggDrXd5bncQvK4=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:33:44 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.657815,VS0,VE0
etag: "f40176feba4fb6bb58a3279285cae62c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35290

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.3.0/ 127 KB
36 KB 272ms
64ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 382441
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 36498
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Wed, 06 Sep 2023 09:01:32 GMT
server: AmazonS3
x-timer: S1694373518.862548,VS0,VE0
etag: "1865860838c0a4f202ab61510882ea01"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits: 39724

GET
H2 200 feed-card-placeholder.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 70ms
70ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93141b5b9b73f6534458bd5e5171890448842ecdcfea5301af7599243e1f9c0d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: d6nM8W.QAC3RgsaUAnMT_xtHAxUSwiSu
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: 8J1FTC641WTV6V1J
age: 17083
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: 5mUDCIAQ5FAswVv2JjzDszsyca11Kgs+CxnYudBdommaqiHDujvkBuI8t/LOQ9Ft2lI0ZqZSMdg=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:33:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.657807,VS0,VE0
etag: "de7ea519eb60e4aea3ffe0473ddb8b53"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 34450

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 70ms
69ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
age: 76
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.658202,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 37
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 130

GET
H2 200 userx.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 64ms
62ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4af9abc3fa88d52e95d283bed70947d365a53d40ce5dc6eca3c3db355480783

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KFZwAI0.1zEI_7oTKaG7EoYdWKav0cQo
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: DBVCPJ6FGQRXCGFX
age: 17057
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: T2UMhYw8xMyWLVmi8Tyf3bmHwmeEQSnAa/pHAkvOifURIkPPKRj6R1L41UnyxVgWz/BI7oewQVA=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:34:20 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.666123,VS0,VE0
etag: "8484166166eb49335eed7b1d6f34626f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7037

GET
H2 200 explore-more.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 48ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d83a4a52389972e9fe31e51d4dcac339466a803c2033e84e3798891891aff9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 95Kwm2.YiiaLZV_fc9CYzMx6hbmFuLgG
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: 651PJEPEXREMTH9H
age: 17084
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8804
x-amz-id-2: CFLhsjy+DkQs5eLUxC3UE9XkR9Xz01gaCy8N3dl27XkSFp6JYE3bxghuT+LNf2S4Ak/7rYQAEZk=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:33:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.677019,VS0,VE0
etag: "010362595e862427d1407c63ccad9995"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 15556

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 414ms
98ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=21%3A18%3A37.584&id=2437&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 343ms
96ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694373517585%7D&tim=21%3A18%3A37.585&id=4064&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

B30434322.373204040;dc_pre=CN7Tr53hoIEDFa_dEQgdNHYEIQ;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_pre=CN7Tr53hoIEDFa_dEQgdNHYEIQ;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=...

42 B
118 B

117ms
112ms

Image
image/gif

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_pre=CN7Tr53hoIEDFa_dEQgdNHYEIQ;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N722593.3134713CAPTUREMEDIAAG/B30434322.373204040;dc_pre=CN7Tr53hoIEDFa_dEQgdNHYEIQ;dc_trk_aid=564319831;dc_trk_cid=92613719;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 208ms
98ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694373517596%7D&tim=21%3A18%3A37.596&id=7944&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 174ms
97ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A18%3A37.644&id=5276&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 133ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.647&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=5263&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52996

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 133ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.648&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6847&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52996

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 133ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.657&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=897&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52996

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 134ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.658&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4678&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52996

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.664&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=503&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52996

GET
H2 200 6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_765%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
56 KB 37ms
32ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_765%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 25f8fee701ef51e8e25e584a86c555808c15c17d36e12d39cc0eb07c6c75c92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_765%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
age: 536988
edge-cache-tag: 530909440442835488290681173650059252203,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530909440442835488290681173650059252203,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 302
expiration: expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 56156
x-backend-name: US_nlb101
x-served-by: cache-iad-kiad7000041-IAD, cache-iad-kiad7000041-IAD, cache-lga21954-LGA, cache-iad-kjyo7100076-IAD, cache-fra-etou8220085-FRA
last-modified: Mon, 14 Aug 2023 14:26:38 GMT
server: nginx
x-timer: S1694373518.001760,VS0,VE2
etag: "1bf11853447d03ce57bfcaa0629f03e1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
50 KB 59ms
58ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1802e4653a5054d75d180a61ab93f52308a85b6ea2e34129d836a86d3f55f93

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
age: 2360029
edge-cache-tag: 530909440442835488290681173650059252203,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530909440442835488290681173650059252203,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 197
req-referer: https://www.forzaroma.info/news-as-roma/addio-matic-boniek-amarissimo-non-me-lo-sarei-mai-aspettato-grande-delusione/
content-length: 50654
x-request-id: 6e7e0d5da71f51c02a17c89c4492df99
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000024-IAD, cache-iad-kcgs7200110-IAD, cache-sna10741-LGB, cache-iad-kjyo7100101-IAD, cache-fra-etou8220085-FRA
last-modified: Mon, 14 Aug 2023 11:44:48 GMT
server: nginx
x-timer: S1694373518.075792,VS0,VE3
etag: "afc1cf87521f1bb675bd1abd8eb6330f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 36ms
33ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 1789157
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 176
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.freenet.de/
content-length: 18500
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-iad-kcgs7200024-IAD, cache-fra-etou8220085-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1694373518.097943,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 26, 0, 1

GET
H2 200 dab0e53b0f3f4798483c1e0557ecc75d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 35ms
32ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 74e77e04d49ace2762af3f9566928056a1796d1a60836da15efd0e59450f44b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
age: 1773090
edge-cache-tag: 510039608198547542900711623465015880692,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 510039608198547542900711623465015880692,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 205
expiration: expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://noticiasdodia.online/?p=118
content-length: 12590
x-backend-name: CH_nlb802
x-served-by: cache-iad-kcgs7200123-IAD, cache-iad-kiad7000154-IAD, cache-iad-kiad7000165-IAD, cache-fra-etou8220085-FRA
last-modified: Mon, 31 Jul 2023 11:17:38 GMT
server: nginx
x-timer: S1694373518.097928,VS0,VE1
etag: "947a8eee617df2a05fef9761266e3a9a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 41ms
38ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2111881
edge-cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 241
expiration: expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://ibctamil.com/
content-length: 77796
x-backend-name: US_nlb106
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lga21978-LGA, cache-iad-kjyo7100056-IAD, cache-fra-etou8220085-FRA
last-modified: Thu, 10 Aug 2023 20:02:04 GMT
server: nginx
x-timer: S1694373518.097970,VS0,VE4
etag: "71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 0, 1

GET
H2 200 dd0314f1302516ba60edbe46cb3486ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 38ms
35ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0314f1302516ba60edbe46cb3486ca.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87afa2bdf8053717ab90b42cae7409a95b8d2bd177b09c77adba0302891b92dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0314f1302516ba60edbe46cb3486ca.jpg
age: 3501237
edge-cache-tag: 519430772714652545967861982179629446708,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 519430772714652545967861982179629446708,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 238
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.leprogres.fr/
content-length: 32314
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000047-IAD, cache-iad-kjyo7100093-IAD, cache-sna10731-LGB, cache-iad-kjyo7100052-IAD, cache-fra-etou8220085-FRA
last-modified: Tue, 18 Jul 2023 04:51:06 GMT
server: nginx
x-timer: S1694373518.097925,VS0,VE4
etag: "02092775ee07edac53e9de2767902691"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 30, 0, 11, 1

GET
H2 200 32a138fd7ef8b664e4231c98c5b25f9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 44ms
44ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bf6ad585e13e6e4b6832a8c8b75b1c83b4e7ee3683c5f786a274527b5fe7d27

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32a138fd7ef8b664e4231c98c5b25f9b.jpg
age: 2990398
edge-cache-tag: 588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 588966396686879871830918856448821189567,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 95
expiration: expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 25448
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100051-IAD, cache-sna10749-LGB, cache-iad-kiad7000098-IAD, cache-fra-etou8220085-FRA
last-modified: Sat, 22 Jul 2023 09:02:45 GMT
server: nginx
x-timer: S1694373518.106526,VS0,VE1
etag: "34a86780c8427774629d3aba27d34975"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 237, 1

GET
H2 200 6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
53 KB 104ms
104ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 068d9b8a77a8c8730417cb17351815c2da7a80d31cff2ec682127c429334e011

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 42
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
age: 2350321
edge-cache-tag: 530909440442835488290681173650059252203,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530909440442835488290681173650059252203,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 232
req-referer: https://instantlymodern.com/
content-length: 53914
x-request-id: cf72ae95e93fce3d877fc3250d0a0c3e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000079-IAD, cache-iad-kiad7000166-IAD, cache-lga21969-LGA, cache-iad-kcgs7200038-IAD, cache-fra-etou8220085-FRA
last-modified: Mon, 14 Aug 2023 11:44:50 GMT
server: nginx
x-timer: S1694373518.120565,VS0,VE42
etag: "4deefa3773de5030ba23b177ca9fafe4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 70ms
69ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2878284
edge-cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.autoplus.fr/
content-length: 89246
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-sna10725-LGB, cache-iad-kjyo7100170-IAD, cache-fra-etou8220085-FRA
last-modified: Mon, 10 Jul 2023 13:45:40 GMT
server: nginx
x-timer: S1694373518.131805,VS0,VE2
etag: "ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 4, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
42 KB 58ms
56ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 1789157
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 480
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 42778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-fra-etou8220085-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1694373518.131833,VS0,VE0
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1345, 11

GET
H2 200 dab0e53b0f3f4798483c1e0557ecc75d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 126ms
126ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 52a6afafa1bb34c28114a55e30f5bfdc0288452ed1efec0533c5fdca49a4de86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dab0e53b0f3f4798483c1e0557ecc75d.png
age: 1813973
edge-cache-tag: 510039608198547542900711623465015880692,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 510039608198547542900711623465015880692,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 332
expiration: expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://mannenpage.nl/
content-length: 33590
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000141-IAD, cache-iad-kjyo7100139-IAD, cache-iad-kiad7000041-IAD, cache-fra-etou8220085-FRA
last-modified: Fri, 21 Jul 2023 02:01:44 GMT
server: nginx
x-timer: S1694373518.170164,VS0,VE1
etag: "74778a095b2503de22585a1772469183"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET 770c5cea5aff16970eaf04fe69844769.jpg
static.bg3.co/imgs/202201/ 0
0

GET 7b59390d449515b0f9a3ea9d7e6408fa.jpg
static.bg3.co/imgs/202106/ 0
0

GET 53d3b705fa0e20eef4a7e1c874741827.jpg
static.bg3.co/imgs/202204/ 0
0

GET 4ac8f1fb170146cda48489d4995580ce.jpg
static.bg3.co/imgs/202106/ 0
0

GET 1407072fa468b2ba2197e217897f131e.jpg
static.bg3.co/imgs/202106/ 0
0

GET 3eeed795772a81cad55884ba64c81921.jpg
static.bg3.co/imgs/202107/ 0
0

GET d3ffda7a1072f020453122f52e44280b.jpg
static.bg3.co/imgs/202106/ 0
0

GET a40bcf5b069c53899536c3106e963453.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2f3b5fb39bba22bad858c685f654137b.jpg
static.bg3.co/imgs/202106/ 0
0

GET 04771edd20edabfe3c75abef93919b74.jpg
static.bg3.co/imgs/202107/ 0
0

GET daaf7c0b32746156acace511c6d76686.jpg
static.bg3.co/imgs/202105/ 0
0

GET 532b9d9754edca1ea3a6e9e4822c6c57.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4842abf0da85f623cb08d50f6e614fc5.jpg
static.bg3.co/imgs/202106/ 0
0

GET 57b6ddbcf90cc35ef0a9f136c57054ff.jpg
static.bg3.co/imgs/202105/ 0
0

GET b3681f0e79bdd4c0ebecb328450c4a2c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 72ad963f88cf1608a8c1b0c8f9d6f5d7.jpg
static.bg3.co/imgs/202201/ 0
0

GET 6c0bce2b108e93d37aa4a6e33ddfa44f.jpg
static.bg3.co/imgs/202203/ 0
0

GET bea958c2e5a0403b137c25ef5aa77922.jpg
static.bg3.co/imgs/202105/ 0
0

GET 04e5d8e1782a24eeb4fafe3106b5fe91.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8a97da81ffe6e8a0b19bf8660b33a1c4.jpg
static.bg3.co/imgs/202105/ 0
0

GET d6507b0bc36a1472ae60ce5c21486da5.jpg
static.bg3.co/imgs/202106/ 0
0

GET 9cd85db2854f72cfd6e64bf9df249b28.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4d9634351869f25bbb13c41af19abefb.jpg
static.bg3.co/imgs/202105/ 0
0

GET ba9d15369ed397ffa52f26897898cacd.jpg
static.bg3.co/imgs/202109/ 0
0

GET 54cdbbda8d79d6a249bb9e836c726c58.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5cae28b113792b6322bab3b3ad2d886a.jpg
static.bg3.co/imgs/202108/ 0
0

GET ca0366968dac0d15afe574586fea9f3c.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C75D 0
0 68ms
65ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuESYjaWcYaW87oLCzfFlnoaQ0L9fmWXzfHBymrQor3p6XYfQzXmTso066JaEXmyweLxTu30wDrYtxZpGQngyuttU7NYuDq1c8Me-4wunBH-XUeiPh4o_wJUkA3bRj0XHSE46gE8Z9aluoImhd3CjU-2wLG0oMaChgnsYdpRsCGlfFH7gYsWl0MLdh1_nr2iB1f4d4Gjr447Dte1RFkbBzosMHR_LAh8RTaPAI_7aBq0w9z4kaL8brzaTj5sw71_o6Mnq2tbseQH5Y431UmViI5YJO7TChbo1kPaEIMhqrR_865552M2ePy6lzFVAxk5lWoxA&sai=AMfl-YSAu5CLqwgj_Ak3RLZ7Pc8Gi-BKAn87DRixXj0MqXfHVyypOSThJn_kVvxSady2xqbYn7OeE3JyoLprXnCk3Ok7M9Nfnwa5GSs4mt8DHewE9g4QzUAymIzrFQ8dutkQQdjNwG6JKizIt3yUXGw&sig=Cg0ArKJSzKdKb-VSOCFkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 19:18:37 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 323ms
43ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 14:03:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64df7a1a-66bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C75D 181 KB
57 KB 762ms
112ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 19:18:38 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 8 KB
4 KB 632ms
58ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:30 GMT
age: 437528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2968
x-xss-protection: 0
server: sffe
etag: "20a8808a3fce3085"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:30 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 82 KB
23 KB 643ms
70ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:31 GMT
age: 437527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23124
x-xss-protection: 0
server: sffe
etag: "91fba5c7cd59114d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:31 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 5 KB
903 B 793ms
155ms Fetch
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 12 KB
4 KB 626ms
59ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:31 GMT
age: 437527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3948
x-xss-protection: 0
server: sffe
etag: "a02df160e36bd176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:31 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
799 B 38ms
37ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1694373517840
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 09 Sep 2024 19:18:37 GMT
date: Sun, 10 Sep 2023 19:18:37 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 2103793
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 62ms
60ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A18%3A37.855&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3006&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52172

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 712ms
113ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Sep 2023 19:03:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Sep 2023 19:18:38 GMT

GET
H2 200 spa-detector.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1023 B 25ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dd78f90f733b7a6d3808b55b1d8560772bc68f0b9b55af1052c4b3f441f0222

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QXCRs0cXYGjEchqiYPRINe.VuIwInoh8
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: C4JTR0KE9FEZ4BYA
age: 17069
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 780
x-amz-id-2: 6Fz9w5God2P3+s18gdCIjvJRFAhrQa3GA4LtgX09IFHTqdE+xWkG4ET5kPFJ3oqCibODWE/5DO8=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:34:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.873491,VS0,VE0
etag: "8b01e5c75119c0f192ee0e9fc877e58b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 15973

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 63ms
61ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A18%3A37.856&id=2141&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 65ms
63ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694373517859%7D&tim=21%3A18%3A37.859&id=5562&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 64ms
62ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A18%3A37.861&id=6768&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 63ms
61ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694373517863%7D&tim=21%3A18%3A37.863&id=5719&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 64ms
62ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2217.9375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A18%3A37.877&id=2271&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 139ms
137ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=11104&lti=deflated&ri=b4b52b2f81d232d6d6709843763000f0&sd=v2_882e4e39ea2135a48890941f40c9f19c_05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d_1694373517_1694373517_CNawjgYQ2YJdGMeuoISoMSABKAEwKziy0A1A0IgQSNyc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d&pi=/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&wi=-7131232676095669875&pt=text&vi=1694373517127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1192%7D%22%2C%22eventTime%22%3A1694373517879%7D&tim=21%3A18%3A37.879&id=2642&llvl=2&cv=20230910-15-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 next-up-widget.20230910-15-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 25ms
25ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230910-15-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f72778a618de493fe2f538cd70411f4b519fb511aac6dc7bb7e326531f32013

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IMDS55X1u82eO4CeGdZQjVWaA6cfcaKi
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:37 GMT
x-amz-request-id: WTKSQMHS8HMBG1GX
age: 17075
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: 4gEoF1cmnw0a08Im9MZLUJ8ZC43m6OKuwZzVzLoB6vcRkuQYswrvdRlFVSES95pjAt3IBK4CZgU=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 14:34:03 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373518.889775,VS0,VE0
etag: "dc03fe7a6d318e642be88af86739b177"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3654

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp&cc=1

85 B
202 B

219ms
216ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp&cc=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0a3e687965f7b94fb9f21aacfb13299ecee52e7f6b09fdfdd62f90adb7432064

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-/asvUCD1eydhBV3dRZ1EsAw4ZKs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.bg3.co
location: /esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 59ms
59ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:37 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1694373517.dop149.fr8.t,1694373517.cds292.fr8.hn,1694373517.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 159ms
159ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eda2070988ff6df5dde03a02a106f9e6c64854fec8ea5dfee3e58ac0b0d06191

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ed1fd980e7aeb5958bc6ad2b22436fb.jpg
age: 537807
edge-cache-tag: 530909440442835488290681173650059252203,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530909440442835488290681173650059252203,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 83
expiration: expiry-date="Fri, 15 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.israelnationalnews.com/
content-length: 6868
x-backend-name: US_nlb102
x-served-by: cache-iad-kjyo7100078-IAD, cache-iad-kiad7000151-IAD, cache-lga21973-LGA, cache-iad-kcgs7200020-IAD, cache-fra-etou8220085-FRA
last-modified: Tue, 15 Aug 2023 10:02:15 GMT
server: nginx
x-timer: S1694373518.187789,VS0,VE1
etag: "413368af685b32b904f2c5238876abba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 14, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 156ms
156ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1533627
edge-cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 696
req-referer: https://www.newshub.co.nz/
content-length: 7746
x-request-id: f00da37abc7fb987ab04b5aad08798f0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kiad7000088-IAD, cache-lax10624-LGB, cache-iad-kcgs7200049-IAD, cache-fra-etou8220085-FRA
last-modified: Thu, 10 Aug 2023 14:24:09 GMT
server: nginx
x-timer: S1694373518.196299,VS0,VE2
etag: "d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 121ms
120ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 2275741
edge-cache-tag: 486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 95
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 6140
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000027-IAD, cache-iad-kiad7000169-IAD, cache-lga21955-LGA, cache-iad-kcgs7200051-IAD, cache-fra-etou8220085-FRA
last-modified: Sat, 15 Jul 2023 22:51:17 GMT
server: nginx
x-timer: S1694373518.196288,VS0,VE1
etag: "d556883197025a9ed2665876d1876378"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 26, 1

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
640 B 104ms
104ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1766
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho9gINw7aoy1mg5OsW%2B2EqrUnlmled96DGwYNr2MlpoW%2ByEb%2BrzprC2UOMOuHxIxxneB4Dq9enP7Bi%2FHCPjbJQXH3GH8QRGDMEbZ5lJ5U346TPNpVa3aaaeZulbufyrwNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 804a0497ee0a3747-MXP

GET idRequest
sync.aralego.com/ 0
0

GET ad_request
ads.aralego.com/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F19D 15 KB
6 KB 103ms
103ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 309739
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 371ms
62ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 53 KB
18 KB 153ms
152ms XHR
application/json 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&referrer=&async=1&uid=2975952462&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c6b36942799097e4e5a5c0a21841d063a8cb682d153576404dd32106bfc74d05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 2C21 439 B
396 B 137ms
115ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&cmcv=&pix=undefined&cb=1694373518183&uv=3337&tms=1694373518183&abt=lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vD!ul142462-737_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=0f93dd0d-fc92-4bbc-9184-b722a38b584e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc4fa4d3bdcc9415ef32f4485da8a4535b88033be283062906760167c49c9f4c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 10 Sep 2023 19:18:38 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220085-FRA
x-timer: S1694373518.234309,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4CB2 439 B
525 B 750ms
174ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: fc4fa4d3bdcc9415ef32f4485da8a4535b88033be283062906760167c49c9f4c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 10 Sep 2023 19:18:38 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
765 B 423ms
406ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1694373518188&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=140898758&pt=-533031141&tz=120&viewable=true&ddast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vD!ul142462-737_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1480
x-cache: MISS
x-served-by: cache-fra-etou8220085-FRA
pragma: no-cache
server: nginx
x-timer: S1694373518.234309,VS0,VE321
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 600ms
138ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&cmcv=&pix=31589837&cb=1694373518183&uv=3337&tms=1694373518183&abt=lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vD!ul142462-737_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694373512256.9!ts:1694373518183&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-length: 0
server: nginx

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame F19D 433 B
560 B 109ms
106ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c13aa8b809a0ce331fe9a184b33b0ec2c6741b35b54a09f5378fdac78e332b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1648766
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2C21 70 B
148 B 1234ms
237ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&cmcv=&pix=undefined&cb=1694373518183&uv=3337&tms=1694373518183&abt=lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vD!ul142462-737_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=0f93dd0d-fc92-4bbc-9184-b722a38b584e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2C21 43 B
425 B 1213ms
424ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&cmcv=&pix=undefined&cb=1694373518183&uv=3337&tms=1694373518183&abt=lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vD!ul142462-737_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=0f93dd0d-fc92-4bbc-9184-b722a38b584e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-254-204.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 2C21 0
125 B 476ms
80ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E18B 4 KB
2 KB 422ms
120ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a9070022789ff5bd71c8c87c32227fe27b5fe16b6680552ebd4c081917032bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1438
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 moxplayer.css
ad.vidverto.io/js/moxplayer/ 51 KB
8 KB 89ms
80ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-cbf7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
124 KB 889ms
223ms Script
text/javascript 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126091
x-xss-protection: 0
expires: Sun, 10 Sep 2023 19:18:39 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 94ms
86ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 95ms
86ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 17:10:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6442c381-edf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 87 KB
23 KB 96ms
88ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?08092023
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Fri, 08 Sep 2023 10:57:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fafe31-15d8c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 118ms
112ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 280 KB
94 KB 187ms
180ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 17:02:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fa0208-461ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:38 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 87ms
81ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Df643c8a7-90b8-4c83-a6eb-def6befec6e7%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=f643c8a7-90b8-4c83-a6eb-def6befec6e7&p_id=23

0
151 B

165ms
159ms

Image
text/plain

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=f643c8a7-90b8-4c83-a6eb-def6befec6e7&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=f643c8a7-90b8-4c83-a6eb-def6befec6e7&p_id=23
date: Sun, 10 Sep 2023 19:18:38 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f643c8a7-90b8-4c83-a6eb-def6befec6e7&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f643c8a7-90b8-4c83-a6eb-def6befec6e7&gdpr=0&gdpr_consent=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-t8B2O7PAyzTGpI2jSTOFWFq1cW_x1g-uZjLTHg&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&p_id=15

0
155 B

632ms
253ms

Image
text/plain

175.110.113.205
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Server: 175.110.113.205 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-205.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&p_id=15
date: Sun, 10 Sep 2023 19:18:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 186ms
181ms Image
image/png 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:38 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Sun, 17 Sep 2023 19:18:38 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame FEA7 572 B
797 B 646ms
257ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a02a6d202a0bf4f7e11709ed273dbdddd1d9b843b04f56417e3e15f7c194c89d

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 371
content-type: text/html
date: Sun, 10 Sep 2023 19:18:38 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_3_7/infra/ 881 KB
144 KB 76ms
76ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_7/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 27d2ede32470fcdd1daa599f9132a37e37f9cf9588fa117284a8bf19da884401

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1694350799
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DWPRMQ2Z58YSKKH4
age: 22597
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1694350800
x-amz-meta-mode: 33188
content-length: 146998
x-amz-id-2: sldzc+EhHy4WdqNbXE/SI81HgYhQMq/PMrC0rZkwaZWKi1v/J6FwJCyrKbQtcxOGG1/BC+etoe8=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Sun, 10 Sep 2023 13:00:01 GMT
server: AmazonS3-br
x-timer: S1694373519.684662,VS0,VE0
etag: "90e3f78cabdb23678e611620c341e041"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 24082

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_7/assets/css/ 60 KB
8 KB 74ms
73ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_3_7/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1694350818
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DWPT7P8ZVPQ4ZX0F
age: 22597
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1694350819
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: /FD5MV+EABqXw/Y4Vg1Q1yyfckuzHeOSHKj7QeTH1zHhavBRMdSPD+r66QbRtDeqCMq1+6mNv5U=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 10 Sep 2023 13:00:20 GMT
server: AmazonS3-br
x-timer: S1694373519.682757,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 32184

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 40 KB
10 KB 89ms
88ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:31 GMT
age: 437527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
server: sffe
etag: "6b0a8d436e5c7ad3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:31 GMT

GET
H2 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 213 KB
57 KB 108ms
108ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:47:09 GMT
age: 437489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57751
x-xss-protection: 0
server: sffe
etag: "df3f5bf96724b1a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:47:09 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 1753ms
869ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694373519215_389467673_767674581_789_891_129_0_146";dur=1
content-length: 122286
expires: Mon, 09 Sep 2024 19:18:39 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
587 B 1728ms
869ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1694373519617_389467673_767674583_675_1219_129_383_146";dur=1
content-length: 211
expires: Mon, 09 Sep 2024 19:18:39 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 1078ms
224ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1694373519617_389467673_767674582_496_1211_129_0_146";dur=1
content-length: 18371
expires: Sun, 10 Sep 2023 20:18:39 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 921ms
326ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQzNzM1MTg3MDgsInBhY2tldElkIjoiMDAwMEE3MDEtNjc5OTIxZWYtM2ZiZS00MDJkLWE3NTgtNDZjNGI5ZWI2MWFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXRhLWx1by0xMnhpbmctenVvLXlpLXpob3UteXVuLXNoaS0wMTE3LTAxMjMtc2h1YW5nLXppLWthbi1qaW4taGUtYmFvLXNoaS16aS1iaS14dS1jaGVuLXpodS1xaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=6451.700000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 920ms
325ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
304 B 287ms
286ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10143&tvi50=11104&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 75
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59238
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220085-FRA
pragma: no-cache
server: nginx
x-timer: S1694373519.840492,VS0,VE75
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 934ms
401ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzNzM1MTg3NzYsInBhY2tldElkIjoiMDAwMEE3MDEtNjc5OTIxZWYtM2ZiZS00MDJkLWE3NTgtNDZjNGI5ZWI2MWFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXRhLWx1by0xMnhpbmctenVvLXlpLXpob3UteXVuLXNoaS0wMTE3LTAxMjMtc2h1YW5nLXppLWthbi1qaW4taGUtYmFvLXNoaS16aS1iaS14dS1jaGVuLXpodS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=6519.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 919ms
401ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzNzM1MTg3OTAsInBhY2tldElkIjoiMDAwMEE3MDEtNjc5OTIxZWYtM2ZiZS00MDJkLWE3NTgtNDZjNGI5ZWI2MWFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXRhLWx1by0xMnhpbmctenVvLXlpLXpob3UteXVuLXNoaS0wMTE3LTAxMjMtc2h1YW5nLXppLWthbi1qaW4taGUtYmFvLXNoaS16aS1iaS14dS1jaGVuLXpodS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6534.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 912ms
401ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzNzM1MTg3OTMsInBhY2tldElkIjoiMDAwMEE3MDEtNjc5OTIxZWYtM2ZiZS00MDJkLWE3NTgtNDZjNGI5ZWI2MWFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXRhLWx1by0xMnhpbmctenVvLXlpLXpob3UteXVuLXNoaS0wMTE3LTAxMjMtc2h1YW5nLXppLWthbi1qaW4taGUtYmFvLXNoaS16aS1iaS14dS1jaGVuLXpodS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6537
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 920 B
531 B 363ms
362ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3701191947948741&correlator=2399774173752154&eid=31077099%2C31077595%2C21065725&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&arp=1&abxe=1&dt=1694373518803&lmt=1694366318&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=227825893.1694373518&ga_sid=1694373518&ga_hid=1609667580&ga_fc=false&dlt=1694373516688&idt=808&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_12_0_pv%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5784c463554f4b9c3173dcb0732f28eceb7d5114a6a65612ea2d2fba4e587dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 426
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 37 KB
13 KB 184ms
184ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_page_level_ads.js?cb=31077595

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 18:37:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2479
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13172
x-xss-protection: 0
server: cafe
etag: 7949494514302333357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Sep 2024 18:37:19 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 899ms
402ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQzNzM1MTg3NzYsInBhY2tldElkIjoiMDAwMEE3MDEtNjc5OTIxZWYtM2ZiZS00MDJkLWE3NTgtNDZjNGI5ZWI2MWFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXRhLWx1by0xMnhpbmctenVvLXlpLXpob3UteXVuLXNoaS0wMTE3LTAxMjMtc2h1YW5nLXppLWthbi1qaW4taGUtYmFvLXNoaS16aS1iaS14dS1jaGVuLXpodS1xaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=6556.200000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame E18B 43 B
442 B 616ms
203ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x2 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:39 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x2 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 10 Sep 2023 19:18:38 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LMDU8UW0-9-APHD&gdpr=0

0
291 B

76ms
75ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LMDU8UW0-9-APHD&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LMDU8UW0-9-APHD&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5807369807400848501

0
291 B

379ms
379ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5807369807400848501

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
an-x-request-uuid: 096bc320-51f3-494f-8970-3ee0103c4839
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5807369807400848501
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=b02df6d827f8b4427a47753ae053ea66&gdpr_consent=&gdpr=0

0
291 B

142ms
141ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=b02df6d827f8b4427a47753ae053ea66&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:39 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=b02df6d827f8b4427a47753ae053ea66&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1694373519302063-409
Expires: Sun, 10 Sep 2023 19:18:39 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E18B 42 B
773 B 729ms
108ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E18B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABioCIHo4-p7EupJnFBIymNV6zVUsCmkyAWA

170 B
243 B

520ms
326ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABioCIHo4-p7EupJnFBIymNV6zVUsCmkyAWA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABioCIHo4-p7EupJnFBIymNV6zVUsCmkyAWA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=1986005891918530209

0
291 B

142ms
141ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=1986005891918530209

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=1986005891918530209
date: Sun, 10 Sep 2023 19:18:39 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame E18B 0
0 614ms
203ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E18B
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4

43 B
479 B

2106ms
166ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1J4DAT2M81VQYS26K1QQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODQ1MTYyODUtNTk0QS00RjE0LTkxREQtM0M0ODBDN0ZENDMw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=84516285-594A-4F14-91DD-3C480C7FD430

0
291 B

191ms
190ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=84516285-594A-4F14-91DD-3C480C7FD430

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=84516285-594A-4F14-91DD-3C480C7FD430
date: Sun, 10 Sep 2023 19:18:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC0lDroeHzqUA0qFv7CfTBU&google_cver=1

0
291 B

82ms
81ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC0lDroeHzqUA0qFv7CfTBU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC0lDroeHzqUA0qFv7CfTBU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-r63_h15E2uGBnTFLDIxitwhRNMobmByNAlk.BNY-~A

0
291 B

78ms
78ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-r63_h15E2uGBnTFLDIxitwhRNMobmByNAlk.BNY-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-r63_h15E2uGBnTFLDIxitwhRNMobmByNAlk.BNY-~A
date: Sun, 10 Sep 2023 19:18:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E18B 70 B
148 B 746ms
238ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame E18B
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=223de8c9-780e-52fd-9426-579bf0d84114&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=0&gdpr_consent=&us_privacy=

0
291 B

52ms
52ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=0&gdpr_consent=&us_privacy=
date: Sun, 10 Sep 2023 19:18:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame E18B
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5

0
158 B

56ms
56ms

Image
text/plain

212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=JBbu6wm_q5c_Zj-1ZgRViYTkRv9yxzjz8CkJhPtqxB4&p_id=5
date: Sun, 10 Sep 2023 19:18:39 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
746 B 123ms
123ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 10 Sep 2023 19:18:38 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 17473
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1694373519.903244,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6074

GET
DATA 200
OK truncated
/ Frame C75D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c078de703c6fb8e8a26f0222934e32537bce8b479e8a7340cfb2f9e6591b32f2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C75D 0
0 1247ms
246ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnDIQ1Au2wiSxZsS034-bEBINrMHmaOTtYDWNkdRKmBl795ty2Pmqp6LhD5HiXr9jGu2FVD090PSkBg6oDl30_fQia_10QYM0OxJRZGm9V3M3sYZr0s7bWBKsAG9iT3ViZQOTwxARMStYXfvaGbb_x9xFjPCbrkEfAhpCcH0FqfaBfCR0K3ovhJWb3vFRXRFfQy2HMTSS48DhYv1LQpBxofn6VpjTCFSYeUMjnhbyOW14XRCIK4tRRC7Uxeu6nImmdNRdW-YfD7gAL6qErFFAUolUbexIrzgSWflJvCEpCqlHNXlkvbGOKN9RtXCo_yJu7Reui&sai=AMfl-YQv3n7VCAyYwqkyTUgJCQKsqII3wxh2nFglhcSz-Z9qP9BY590oouQjxmseaRn1glfkBIYSibZnAsExozJics0fNtInDKemvtEzdGewZwx1X2KI4Ds37i1GIlLjBw5p8voxpL4_MtVuNwihe6M&sig=Cg0ArKJSzN1kc4Mc2eZ9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-208-254-204.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 19:18:39 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4CB2 70 B
149 B 618ms
237ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4CB2 43 B
426 B 477ms
303ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 4CB2 0
38 B 149ms
148ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 110 KB
31 KB 152ms
152ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:30 GMT
age: 437528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32129
x-xss-protection: 0
server: sffe
etag: "d5ab003501cb3fb7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:30 GMT

GET
H2 200 nameframe.html
d-3760470731823427037.ampproject.net/2308242321000/ 0
0 1059ms
298ms Other
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-3760470731823427037.ampproject.net/2308242321000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 80ms
79ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_7/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 2148388
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-etou8220085-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1694373519.312974,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 40118

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v140898.758/ 448 KB
85 KB 64ms
63ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v140898.758/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_7/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 99b990d0354597972adf123dcaf2b9a37ceac606b9a4ee8d1ca72e66d6ce7448

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1694335871
date: Sun, 10 Sep 2023 19:18:39 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 896BAQ3BTRW08JTA
age: 37583
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1694335884
x-amz-meta-mode: 33188
content-length: 86383
x-amz-id-2: njoTUdJSk6fBn6ojwzxxgdYR88s7wKCYEkcL+HpIFphln5TF6wn+wY6c5D/XwszDuo+If2eZgls=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Sun, 10 Sep 2023 08:51:25 GMT
server: AmazonS3-br
x-timer: S1694373519.332705,VS0,VE0
etag: "9ccae55fd14889dbb78d9d6dcf9ff3d7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 7845

GET
H2 200 sync Show response
am-match.taboola.com/ Frame BBF9 577 B
662 B 158ms
157ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_7/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: bfc168f96f4a965c41aa202afa12a582bafac053b52fb27211a8d6926b57bc37

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 10 Sep 2023 19:18:39 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 156ms
155ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&cmcv=&pix=31579697&cb=1694373519326&uv=3337&tms=1694373519326&su=3&abt=lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vG!ul142462-737_vB&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-length: 0
server: nginx

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FEA7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=56992873382673490

43 B
106 B

189ms
140ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=56992873382673490
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=56992873382673490
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame FEA7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128&dcc=t

43 B
855 B

249ms
249ms

Image
image/gif

54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4VRAM6GNWZM1T2M88GB1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:39 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 59VHSACGRRMY9J8X1RZB
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4b942358-5f3f-c4c8-02d2-b67dd6848128&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame FEA7 70 B
148 B 335ms
334ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=13425f25-4395-7f32-c2dc-34eabeb74ac8&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame FEA7 170 B
232 B 335ms
334ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YyZDhjZWYtOGFlMi0yMTk2LWQ3M2MtNmU1Mzc0NTU4NGE4

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC7iiSS0HWhQAcnB8EUKnUQ&google_cver=1

43 B
180 B

116ms
75ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC7iiSS0HWhQAcnB8EUKnUQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC7iiSS0HWhQAcnB8EUKnUQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 244ms
219ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sun, 10 Sep 2023 19:18:39 GMT
via: 1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MRS52-C1
age: 1615779
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1694373519.409175,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits: 220711

GET
H2 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 2 KB
980 B 156ms
155ms Fetch
application/json 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:46 GMT
age: 437513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "13417016125ec007"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:46 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 762ms
130ms Fetch
application/json 172.64.197.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.197.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34628
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 10 Sep 2023 09:41:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSRdxTk8Ot1wDdy8KnGEDsOjoGrA1Hu72brgOFxFG1RL0X0%2BLuDDqP146D2I0GEseACiFqgoWmvIY1MNoOj2y0qAg1fmYFbHTFEaJX%2F1z7z33rNAbNz2MdXHzMD5loINE81Zkhjhq3CM1j68WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 804a04a4cae63735-FRA

GET
H2 200 gtag.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 3 KB
1 KB 237ms
237ms Fetch
application/json 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:34 GMT
age: 437525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "2053776e7f80c73d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:34 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BBF9 70 B
148 B 287ms
285ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame BBF9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/05c20e21-3fdc-4cf2-a13c-677e4d05a6c8-tuctbf79c0d?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4j2I3nJE2oQynmiho9I6GtMQOmVEQMpncyZBTQ--~A

0
98 B

153ms
139ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4j2I3nJE2oQynmiho9I6GtMQOmVEQMpncyZBTQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 53010

Redirect headers

date: Sun, 10 Sep 2023 19:18:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-4j2I3nJE2oQynmiho9I6GtMQOmVEQMpncyZBTQ--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2859 281 B
554 B 588ms
168ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Sep 2023 19:18:39 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 500ms
499ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:39 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1917
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1694373520.607761,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 77
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 12229

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 499ms
499ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Sep 2023 19:18:39 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 7022
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-etou8220085-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1694373520.607772,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 17
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 14918

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 285ms
285ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 926ms
193ms Fetch
application/json 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 365ms
364ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 10 Sep 2023 20:18:39 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 782ms
781ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1104 721 KB
231 KB 77ms
76ms Document
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 215839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:21:20 GMT
expires: Sat, 07 Sep 2024 07:21:20 GMT
last-modified: Wed, 06 Sep 2023 19:19:14 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 1110ms
260ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Sep 2023 19:18:40 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F523 40 KB
14 KB 386ms
84ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 18:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:22:16 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 745ms
745ms Image
text/xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=JkwTBeU%2BSwCxNCTJ10W5QxWjs%2FYuHz5pEfbMYrFHDnEDP0%2F0vIOe8RIpr8pTCOtmAtc9RN742WZTeX6FAV1MeJcGiSQQqW%2B0M5eKGK1D4HzdfBCgwT%2FAlU2gDF0jFvtBbTXCdSM9%2BfuJUDUY2XitWRtb0fTGJvRvUwpefWQ7yP8trYVJSpNKkx9kTmVWbGAduKHLACZ8%2FJDTgXutHltcAoGJpjl7YiwrEhsg%2BPSKU0uaByhVarTctDMnfDNpW1XZhquSZ9LiosIV2ZGoBZOQ6xHVlANjKIooFPWVLdW%2FAVE1BYCX9jUX0Vcrx63a%2B18tp1mDOeq9%2FF6ufmrGXvK6FwN6iku2AMYMYGnLMByAoa6USLG31YHqPXDjGm%2BC30FknsRm9nZS0dkRg80BNoCQE6trQEoR3vOyA%2FIVYpCJQ%2BrJ4%2Fitq7tOSit6lxXG%2BJkZQNH9yjI0xUI%2B9ib18inl%2FrwGUK4tf5%2BKhgHuJPpeJaAbJ5vAGbnJoeFKY4b1Dx%2F4Lq8k%2BYw2T5cP9NOn1xEQRLMRQbu%2B8APl5sVlpA9I72XHlLKG6fN7h%2FXTKsNZe8ha
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 40 KB
0 675ms
202ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 10 Sep 2023 19:18:40 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CE8E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

232ms
120ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Sep 2023 19:18:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 10 Sep 2023 19:18:40 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET idsync
sync.aralego.com/ 0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C0DA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

108ms
107ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Sep 2023 19:18:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 10 Sep 2023 19:18:40 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 62ms
60ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230072-FRA
date: Sun, 10 Sep 2023 19:18:40 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2859 35 KB
10 KB 67ms
66ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2023 08:42:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48265
Connection: keep-alive
Content-Length: 10209
Expires: Mon, 11 Sep 2023 08:43:05 GMT

GET /
cds.taboola.com/ 0
0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2859 0
239 B 1047ms
170ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LMDU8UW0-9-APHD
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 7d24643e640b7b50906469aa87bfb2ce
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 952ms
160ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8690&cid=amp-MTiebCmmjq0udQFjm3trdw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dr=&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694373520&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 937ms
160ms Ping
text/plain 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-MTiebCmmjq0udQFjm3trdw&aip=1&sid=1694373520&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2859
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMDU8UW0-9-APHD&gdpr=1&us_privacy=1---

0
649 B

754ms
158ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMDU8UW0-9-APHD&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 278517A2761740109612ACF5450BEE01 Ref B: ZRHEDGE0822 Ref C: 2023-09-10T19:18:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFBhPhRQKqE0Pj77rz/g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMDU8UW0-9-APHD&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2859
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTk0MWIyNjgzZWEwYTg1ZWEzZWE4MzQyZjhhZmZkMzk0OGVkM2JkZg&gdpr=1&us_privacy=1---

170 B
188 B

313ms
313ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTk0MWIyNjgzZWEwYTg1ZWEzZWE4MzQyZjhhZmZkMzk0OGVkM2JkZg&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTk0MWIyNjgzZWEwYTg1ZWEzZWE4MzQyZjhhZmZkMzk0OGVkM2JkZg&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 2859
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

78ms
77ms

Image
image/gif

54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E4G6RAKSNFXG0FF2P0E6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZAF7PCBATEZHP2M1Q8YG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2859
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/JPDBaNyiYPW1uqAt_jNV2g?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8z7BWNNE2oI__v0wfmD5VqUwV2ZwIAQ1XyHKWg--~A

42 B
740 B

173ms
95ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8z7BWNNE2oI__v0wfmD5VqUwV2ZwIAQ1XyHKWg--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 10 Sep 2023 19:18:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8z7BWNNE2oI__v0wfmD5VqUwV2ZwIAQ1XyHKWg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2859
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1EVThVVzAtOS1BUEhE&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEGOM-1HDP53LERfuz_J2UZI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EVThVVzAtOS1BUEhE&google_push=&gdpr=1

170 B
188 B

73ms
73ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EVThVVzAtOS1BUEhE&google_push=&gdpr=1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EVThVVzAtOS1BUEhE&google_push=&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECaS4_76tR_Y6_zgEiBWhxw&google_cver=1

0
239 B

140ms
140ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECaS4_76tR_Y6_zgEiBWhxw&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESECaS4_76tR_Y6_zgEiBWhxw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2859
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

168ms
168ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NATX7M71BMXJJDN04YB7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Sep 2023 19:18:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TNX49095HYR6JRPH9W8H
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2859 70 B
148 B 133ms
130ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CAE 603 B
401 B 1606ms
851ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-20829121323489130499&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3410&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=3008690&ga_hid=1609667580&dt=1694373519459&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&bdt=2771&dtd=25&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 1081ms
325ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 17 Sep 2023 19:18:41 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C0DA 35 KB
10 KB 579ms
459ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2023 08:42:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48265
Connection: keep-alive
Content-Length: 10209
Expires: Mon, 11 Sep 2023 08:43:05 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 738ms
143ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-MTiebCmmjq0udQFjm3trdw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9631373442037485&gjid=0.1814441172689527&_r=1&a=8690&z=0.7754167459842032&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 781ms
261ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options: nosniff
age: 157733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 23:29:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 734ms
214ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:05:52 GMT
x-content-type-options: nosniff
age: 141169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 04:05:52 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 102ms
102ms Image
image/svg+xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:40 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 12 KB
0 548ms
145ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 10 Sep 2023 19:18:41 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 033D 721 KB
231 KB 331ms
329ms Document
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 215840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:21:20 GMT
expires: Sat, 07 Sep 2024 07:21:20 GMT
last-modified: Wed, 06 Sep 2023 19:19:14 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1BB5 40 KB
14 KB 58ms
57ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 18:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:22:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CE8E 35 KB
10 KB 358ms
238ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2023 08:42:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48265
Connection: keep-alive
Content-Length: 10209
Expires: Mon, 11 Sep 2023 08:43:05 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 152 KB
152 KB 489ms
131ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16744448-

Response headers

Date: Sun, 10 Sep 2023 19:18:41 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16744448-16900083/16900084
Connection: keep-alive
Content-Length: 155636

GET
H2 200 AcVLghQMDyNINKgqRMkueJ18l7Zd3nB3uYUEhJWDVpsq%2FwT%2Bl1XaR%2FHZ%2FE5rMSBtYF7xkGTu12wGrPYA%2BmrZOsNPvPQCvdWrivGgYZPo1YwgmUUSL4mbwTH62r%2B4bIc0mJNg5AHXn3ojAYOLmN%2FBm2QdJUeaVfxt%2BsoleN%2FcSRWTLcv4a%2... Show response
ad.vidverto.io/delivery/video/pod/ Frame 1104 46 KB
19 KB 125ms
125ms XHR
text/xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/AcVLghQMDyNINKgqRMkueJ18l7Zd3nB3uYUEhJWDVpsq%2FwT%2Bl1XaR%2FHZ%2FE5rMSBtYF7xkGTu12wGrPYA%2BmrZOsNPvPQCvdWrivGgYZPo1YwgmUUSL4mbwTH62r%2B4bIc0mJNg5AHXn3ojAYOLmN%2FBm2QdJUeaVfxt%2BsoleN%2FcSRWTLcv4a%2FSF6j3zxHyL1ly6zZCg9Xfp%2B1%2F0Sjz01nPsztoscLTuG0i06%2BV9sSOeHwm8fTPsSPnrqadv5d18aBS9AfdFwWBm4LM7W%2FUjRa%2BPPy%2Bp5tGjZ74AJuHrSuBHKyYiqQs2438uEIu1XZHqIGW7JM55WOZtw4OjwzUapkKj3f1cAIDdlT%2BedvRuB3%2BBxoODvmnmPM5%2FVUsh0BthwnTr7fEbHVl2knmSYsVLcbBcHC1BbBS8Ja99fzRcCwsJarWFzA%2FPVJ5bq5EfG%2FXIibzOyBU1vvC9DM9Vi5gDvMtv%2F2msAsS2Euay6waj%2FA8E8ItL%2F%2B4eO2rPV0SmNYbqqa9wsOrm9kUX0D2ANZZkQANCDDCUnQr5dJSGozReNdGPnxXcyn8%2BM81J%2BAUqU2WgHN2PUgRes61fCSZQ0cAOWCHEe%2FyS334LA%2FsrwKNoNnUNWjRFUfeqcvYjcp9XzmfIq%2Bel2srsO6zcJ4BjBiA0%2FTPC5sRMiIyNY1rEvKqslnZ9yHdrNUKA7WUJgpW8NOYgRsLrJWBPM4ZMgzyK2RFbSpVVXub2YT8ppbm5e%2FJ6wVYxKAMIpKzc30yUPWPJr1VVyoMv?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e10f140768149249932b2136fa0bff888ac69c1278e388280a437cb5a8b64636

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 1511ms
83ms XHR
application/json 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230910

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f86a8291e8d7ff29f1c4694e6c501ebdb003c609a1f87816a8fac084bf5c1915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11874
x-jsd-version: 1.0.1809
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4583-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-gvCkkqA54Wo40LF+7CXKp1IYtfk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3drKjsTa7xPcHxzjoQtXBOfrP0XA6hRnpzRjqyPGUrD8JcXp3ym19dm0MG%2FPeO9T54OnKGiQvVzEw4Up2kZY%2Bj4UFysqdGV6rqdBhfzJU6Drvav0jIpR%2B0jI6HfcddqvOoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 804a04b4be205274-MXP

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 169ms
168ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-18-193-181-140.eu-central-1.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
454 B 711ms
259ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 8
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 396ms
99ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 804a04adaf86bb13-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 397ms
100ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 804a04adaf89bb13-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
466 B 2824ms
31ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: d430d9c460dbb99e0e58081ba1aa33630a9460e5fc941ce23239a05e18151a6f

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.128.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 171
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
5 KB 1352ms
528ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=f4db63ac-580a-45ba-9f62-9bed320cad81%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=81a5f4f5-1c34-4e31-ae53-a0a146870bc6%3B94bad2fc-4aaf-4ecd-a653-83119b2c0373&l_pb_bid_id=14538a87702cb56%3B15db57fbfde0f1d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=81a5f4f5-1c34-4e31-ae53-a0a146870bc6%3B94bad2fc-4aaf-4ecd-a653-83119b2c0373&rp_maxbids=1&slots=2&rand=0.5659805499141946
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6571e094c1c59a82da5c6039cbf6c1d0c1da834982bb41adcd3a2fd1d8edfb42

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
494 B 754ms
220ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 10 Sep 2023 19:18:41 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 644ms
247ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1b8afbcf44b2bd42e9721fc8ce6815f0d16fb95b00ce9a5da0442ef5a6d454c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 10 Sep 2023 19:18:41 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 591ms
198ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: fa8aed8259c74fc159d8219681cd02171868a4a37d256b6e75e9203b0beb04d0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 476ms
84ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sun, 10 Sep 2023 19:18:41 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 506ms
114ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sun, 10 Sep 2023 19:18:41 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 cdb Show response
bidder.criteo.com/ 5 KB
3 KB 802ms
275ms XHR
application/json 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=1235143869&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14e8077a5cbb122252a13d2f0ae4f65cdaa94285759f66ca8e547fe819e548e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
307 B 528ms
146ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e820cb5c51fb120bec11ad44d6e29e3df9efed126720cf5786adc7d063576e8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X03FML%2FFW8nzogMEOf3P1FSs73lCFL376MLpNqdF3ixMUgJ6YFvwyR8HkzvdX0bGOp3YPsFzINvRfBFquTFiVZXFEbKrjA6DcTTAWzfAu9oEMd5a6feVvUJwSsFeYL8itmDG00U"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 804a04ae480b24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
553 B 500ms
119ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e820cb5c51fb120bec11ad44d6e29e3df9efed126720cf5786adc7d063576e8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajCQFTm7sb53osXuNuQHRpQ28tvCJQ5mJqc%2Bd2Bc%2BqjGWKW9%2B5ORvYV5iwCRBSXJCzZImsNP%2FmLN7OPS4%2FnKtxD%2F3uanFIjufWuaEWiWvTyhZqEfp%2FZubVl59QcmN9R%2Fl%2FoaUBEB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 804a04ae480d24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
311 B 515ms
134ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e820cb5c51fb120bec11ad44d6e29e3df9efed126720cf5786adc7d063576e8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZI3bJM3dV9tw4peGeyfu%2BPhxyCJzUdm6p33SwwpKK99ms7OUtfYTZ7YwyExwbDq5S7GqUmYXzea%2FsKkYQILYo7KFeVLlrkqcg6Fzt02OBhoeVFYyzLqBoTNBH%2F8RGSKBBJXG1WZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 804a04ae480e24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
780 B 512ms
83ms XHR
application/json 54.154.135.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=655
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.135.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-135-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
700 B 628ms
203ms XHR
application/json 18.193.181.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.181.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 8 KB
5 KB 189ms
189ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

76db0f8a86f6311b4f5ac1f1e7ef114bc4008ab73d242109b3c5e1ed3dffc68f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
an-x-request-uuid: 645a91b6-d293-491e-9523-31e33692e45e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST c
prebid.a-mo.net/a/ 0
0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 36 KB
18 KB 1178ms
670ms XHR
application/json 3.66.134.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.134.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-134-167.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f082cdf476f1f42d647b2c230a87039cb9bfbf78e77a69161b4281f30b568110

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 10 Sep 2023 19:18:42 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 17628

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame CE8E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMDU8UW0-9-APHD
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMDU8UW0-9-APHD
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4916c726-30ca-3d67-8957-4f018615b02e?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-oFb7QelE2oVYBfwHX_Ex7lDCkzy7CiItF2zXNJA-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

73ms
72ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Sun, 10 Sep 2023 19:18:43 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
764 B 107ms
106ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1694373521282&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=140898758&pt=1985471307&tz=120&viewable=true&ddast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vG!ul142462-737_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1419
x-cache: MISS
x-served-by: cache-fra-etou8220085-FRA
pragma: no-cache
server: nginx
x-timer: S1694373521.303662,VS0,VE41
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 1104 0
234 B 1239ms
140ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmdu8w4r&c=6761231473545&slotId=3380615736772.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1104 156 B
196 B 1428ms
730ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521355&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1104 156 B
186 B 1470ms
774ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521358&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 1104 65 B
747 B 1326ms
630ms XHR
text/xml 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 1104 156 B
740 B 1384ms
690ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521360&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1104 156 B
186 B 1629ms
937ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521362&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 1104 156 B
227 B 1420ms
729ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521363&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1104 156 B
186 B 1812ms
1124ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1002103018266777&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4C876A1E-98D5-4796-B683-DE0F7CE60DDA&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373521365&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=2282389744221290&ged=ve4_td4_er921.240.922.960_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-156-158.compute-1.amazonaws.com

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1152ms
172ms Fetch
application/json 3.233.156.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvYW8tc2ktdGEtbHVvLTEyeGluZy16dW8teWktemhvdS15dW4tc2hpLTAxMTctMDEyMy1zaHVhbmctemkta2FuLWppbi1oZS1iYW8tc2hpLXppLWJpLXh1LWNoZW4temh1LXFpLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 143ms
143ms XHR
text/html 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvYW8tc2ktdGEtbHVvLTEyeGluZy16dW8teWktemhvdS15dW4tc2hpLTAxMTctMDEyMy1zaHVhbmctemkta2FuLWppbi1oZS1iYW8tc2hpLXppLWJpLXh1LWNoZW4temh1LXFpLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Sun, 10 Sep 2023 19:18:41 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=92, ak_p; desc="1694373521462_389467673_767676533_9667_1602_29_0_219";dur=1
content-length: 555
expires: Sun, 10 Sep 2023 20:18:41 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
635 B 1171ms
54ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 18:54:37 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1446
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: NDBccRQrnA55DH_X8qc0VaMjxGxTxVdo649ZwYSbuwL4CP1MAUqLbA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 73ms
72ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c433dce9f5b30668dc09cf1303634a6f3eef0b251d4b4ebac639ba260fcdc672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 19:18:41 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 228 KB
0 41ms
41ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

Date: Sun, 10 Sep 2023 19:18:41 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 32768-16900083/16900084
Connection: keep-alive
Content-Length: 16867316

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 105ms
104ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=1609667580&cid=227825893.1694373518&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694373521&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1104 0
54 B 401ms
140ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmdu8wcf&c=6761231473545&slotId=3380615736772.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
175 B 299ms
71ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel;r=1597437290;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html;uh=e51ed67dfb8d...
pixel.quantserve.com/ 35 B
371 B 60ms
28ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1597437290;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-658875504-1694373521568;pbc=f4db63ac-580a-45ba-9f62-9bed320cad81;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694373522744;tzo=-120;ogl=;ses=db6715ae-c94f-47b4-a02a-8e4c8eb53647;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1104 0
45 B 81ms
79ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmdu8wzp&c=6761231473545&slotId=3380615736772.5&faa=1&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 240ms
72ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 200ms
74ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 198ms
72ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 157ms
73ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:42 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/
Redirect Chain

https://onetag-sys.com/usync/?tag=img
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&google_hm=MTRkOTBiNGMtMGJkZC00M2E2LTlhODItOWViZmQyMzlkMGM0
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECuBqMBW2-Aqlk6LknWyHvk&google_cver=1&ssp=onetag&bsw_param=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4
https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=&gdpr_consent=&us_privacy=

0
291 B

31ms
30ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=14d90b4c-0bdd-43a6-9a82-9ebfd239d0c4&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 10 Sep 2023 19:18:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1104 0
45 B 100ms
100ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmdu8xff&c=6761231473545&slotId=3380615736772.5&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 54ms
54ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 1104 42 B
174 B 53ms
53ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 84A0 721 KB
231 KB 27ms
26ms Document
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 215843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:21:20 GMT
expires: Sat, 07 Sep 2024 07:21:20 GMT
last-modified: Wed, 06 Sep 2023 19:19:14 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 542B 40 KB
14 KB 31ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 18:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:22:16 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 12 KB
0 36ms
35ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 10 Sep 2023 19:18:43 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 84A0 156 B
186 B 384ms
382ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=185324139049537&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FDCVKY8o8XlVWTFjByv6K_Q%3A1694377118%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=DAF5BC6C-9134-4C9D-AA81-74C1750B7666&a3p=EhkKCnB1YmNpZC5vcmcYxLaghKgxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNGxoISoMUgAUgIIZBIZCgp1aWRhcGkuY29tGNCxoISoMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkMDgxWjJaUGIxTlJUVmRaUTNaM1F6SndRalZPVVQwOUluMD0Y4rmghKgxSAASGwoMaWQ1LXN5bmMuY29tGMy5oISoMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=1694373523363&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&scor=1117828114071763&ged=ve4_td6_tt2_pd6_la6000_er922.240.923.960_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 96ms
95ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

cafe /

Resource Hash

b7d17928d74c6c45414c3af19b2d811183540b0c348d875338c01e9e2b9a7152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11781
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8690&cid=amp-MTiebCmmjq0udQFjm3trdw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dr=&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694373520&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=11455&epn.domain_lookup_time=32&epn.tcp_connect_time=1117&epn.redirect_time=1&epn.server_response_time=3279&epn.page_download_time=1&epn.content_download_time=4462&epn.dom_interactive_time=4462
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
118 B 28ms
26ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-MTiebCmmjq0udQFjm3trdw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=11455&dns=32&tcp=1117&rrt=1&srt=3279&pdt=1&clt=4462&dit=4462&a=8690&z=0.01595233981730737&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 18:34:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2643
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 84A0 0
54 B 59ms
58ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmdu8xv4&c=6761231473545&slotId=3380615736772.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 561ms
47ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:18:44 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/ 3 MB
0 288ms
82ms Media
video/mp4 185.180.220.207
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/DCVKY8o8XlVWTFjByv6K_Q:1694377118/1327/video/1811/480_650.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.207 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=262144-

Response headers

Date: Sun, 10 Sep 2023 19:18:44 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 262144-16900083/16900084
Connection: keep-alive
Content-Length: 16637940

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 36ms
35ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9hby1zaS10YS1sdW8tMTJ4aW5nLXp1by15aS16aG91LXl1bi1zaGktMDExNy0wMTIzLXNodWFuZy16aS1rYW4tamluLWhlLWJhby1zaGktemktYmkteHUtY2hlbi16aHUtcWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTY3OTkyMWVmLTNmYmUtNDAyZC1hNzU4LTQ2YzRiOWViNjFhYyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNDNiYmViNTYtNjliYi00YTk0LWI0Y2UtNGE3ZTM1YjYwMjNiIiwidGltZU9mQXVjdGlvbiI6MTY5NDM3MzUyMTIwOSwiYmlkcyI6W3siY3BtIjowLjI3ODc1NDUwMjUzNDg2NjMzLCJhZElkIjoiNzc3NjcyYTlkODY0Njg5Iiwib3JpZ2luYWxDcG0iOjAuMjc4NzU0NTAyNTM0ODY2MzMsImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMjc4NzU0NTAyNTM0ODY2MzUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgwNywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQzNzM1MjIwNDd9LHsiY3BtIjowLjAyOTYwNTUwMDAwMDAwMDAwNywiYWRJZCI6Ijc5YmI3N2I1MjUwYTJjNCIsIm9yaWdpbmFsQ3BtIjowLjAzNDgzMDAwMDAwMDAwMDAxLCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjk2MDU1MDAwMDAwMDAwMDYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjExODUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MzczNTIyNDQzfSx7ImNwbSI6MC4wMiwiYWRJZCI6IjgyMGExODQ3YjVjN2UxZiIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTM2MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQzNzM1MjI1ODh9XSwidGltZWRPdXRCaWRkZXJzIjpbImFteCJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJjcml0ZW8iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc3NzY3MmE5ZDg2NDY4OSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAyNzg3NTQ1MDI1MzQ4NjYzNX0seyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI0M2JiZWI1Ni02OWJiLTRhOTQtYjRjZS00YTdlMzViNjAyM2IiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0MzczNTIxMjA5LCJiaWRzIjpbeyJjcG0iOjAuMDg3MTksImFkSWQiOiI3NTg3ZjU4MTljNzE4ZSIsIm9yaWdpbmFsQ3BtIjowLjA4NzE5LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDg3MTksImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjIwMSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQzNzM1MjE0NTZ9LHsiY3BtIjowLjE2NzIxMjkwMzQ5OTYwMzI3LCJhZElkIjoiNzg1ZjgwMWUzNjA3YzMzIiwib3JpZ2luYWxDcG0iOjAuMTY3MjEyOTAzNDk5NjAzMjcsImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMTY3MjEyOTAzNDk5NjAzMjgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgwOCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQzNzM1MjIwNDh9LHsiY3BtIjowLjAyMzQ4NTUwMDAwMDAwMDAwMywiYWRJZCI6IjgwMGVlOWM5ZDQzYzIxMiIsIm9yaWdpbmFsQ3BtIjowLjAyNzYzMDAwMDAwMDAwMDAwMiwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDIzNDg1NTAwMDAwMDAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMTg2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDM3MzUyMjQ0NH0seyJjcG0iOjAuMDMsImFkSWQiOiI4MWRlMTIxNmQ3MTg2MWQiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMzYyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDM3MzUyMjU4N31dLCJ0aW1lZE91dEJpZGRlcnMiOlsiYW14Il0sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImNyaXRlbyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzg1ZjgwMWUzNjA3YzMzIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDE2NzIxMjkwMzQ5OTYwMzI4fV0sImNvdW50cnkiOiJDSCJ9&c_b=11968.79999923706
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 538ms
195ms Image
text/plain 54.144.115.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1694373524226&eid=8395155d2c07684
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.115.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-115-246.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 588ms
588ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3701191947948741&correlator=4347572365672301&eid=31077099%2C31077595%2C21065725&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&arp=1&abxe=1&dt=1694373524243&lmt=1694366324&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsmeTVnVSEFph1rypaUJnxa25bi9SGe_b3KwU4GKtm0X&ga_vid=227825893.1694373518&ga_sid=1694373518&ga_hid=1609667580&ga_fc=true&dlt=1694373516688&idt=808&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.27%26hb_ap_adid%3D777672a9d864689%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3805778231&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8258cef5c3fc9df0910b2bddd9692f1bf30c227b4cd1d42f46e4209489419e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11954
x-xss-protection: 0
google-lineitem-id: 5221734872
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441555775
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 340ms
340ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3701191947948741&correlator=4347572365672301&eid=31077099%2C31077595%2C21065725&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7ef566ee2b9a9b72%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_Mawarq7WfqRTyjhe88JtNAxNkmRKA&gpic=UID%3D00000c71b1f81c25%3AT%3D1694373517%3ART%3D1694373517%3AS%3DALNI_MYZEEZ08yucCudrG5gfdnPGMv_oHQ&arp=1&abxe=1&dt=1694373524247&lmt=1694366324&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsmeTVnVSEFph1rypaUJnxa25bi9SGe_b3KwU4GKtm0X&ga_vid=227825893.1694373518&ga_sid=1694373518&ga_hid=1609667580&ga_fc=true&dlt=1694373516688&idt=808&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.16%26hb_ap_adid%3D785f801e3607c33%26hb_ap_bidder%3Dcriteo%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A7587f5819c718e%26hb_native_image_appn%3Dhb_native_image%253A7587f5819c718e%26hb_native_body_appne%3Dhb_native_body%253A7587f5819c718e%26hb_native_title_appn%3Dhb_native_title%253A7587f5819c718e%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

074d7365d46463b172aefdbcfbd1d82ee2fade75a6e5458572ef4c48f450d42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11959
x-xss-protection: 0
google-lineitem-id: 5221734857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440835884
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 73ms
73ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Sep 2023 19:18:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3EC2 15 KB
6 KB 76ms
76ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 934778
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 590ms
80ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Sep 2023 19:18:44 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
784 B 118ms
90ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1694373524351&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=140898758&pt=1985471307&tz=120&viewable=true&ddast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vG!ul142462-737_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 548311b14a7a2c151473026b3b37cbafb7fac217d51b68d916a8a14a52ff612c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
server: nginx
machineid: 1491
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A3A 13 KB
5 KB 54ms
53ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 10452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 16:24:32 GMT
expires: Mon, 09 Sep 2024 16:24:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C558 829 B
1 KB 596ms
79ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

95548c4bf625f66320139e2d2f07ef7df0c449f780f604841d9476edc4eae97e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TaX2PPjjuZYPFFNeE4V_GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-TaX2PPjjuZYPFFNeE4V_GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:44 GMT
expires: Sun, 10 Sep 2023 19:18:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 3EC2 431 B
553 B 119ms
119ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=vdy22V8xOXF6bSUyRlRGQzdHayUyQmJnbVJ0QlhqTGdNWTAzeU5VcnVtYXN3NklHNnV3b1hsZUxPdnEzeGt4UyUyRjJXUkphRml0Qk1PU0dGMkdTbW5EOHElMkJZM0FuVVJoUjBsdHI5NjZsJTJCUGNIUE40T1plQ1M0TWVqaGtHQ0ZpUWM1SFRpa3ZKTk9HQXZnMTFpMGVqMDk2QVFPdE5QOVZnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

407d6e330e411f8c624ad31e5c5f6fc04c0e0529eb6723f03d082a10d5dc4d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1049211
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 84A0 0
54 B 88ms
88ms Ping
image/gif 216.58.208.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmdu8y7d&c=6761231473545&slotId=3380615736772.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s21-in-f195.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A3A 37 KB
15 KB 32ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 16:24:32 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 7A3A 0
40 B 30ms
29ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EVCAHw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
262 B 167ms
166ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10143&tvi50=11104&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 61
date: Sun, 10 Sep 2023 19:18:44 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59348
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220085-FRA
pragma: no-cache
server: nginx
x-timer: S1694373525.622636,VS0,VE61
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CFD 0
0 83ms
83ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvzBCGdxnKErrjHRSDmUbqtKVzM0IDUIzPWAqSCU93gh7mKUuJpFA4Bn9eyLhNQoA51zpI5HJs3sCA1iiat9Cn9qllOJZV3hZ_Ct7CRfz4EKguAEjMYtviPeip7Qt2tGZpQ54fufh9e6z-iVmNmgcSgHbZ0vzWdq3DyEWTezYnPghbNOCi0BgAc6cdmLCf607Sfo6Fw6Cq11Y_hoOl6Qpx3m3QLBcGN8iDLcreiuAyZMfoHEl5APtTQyhZkH001WGBDPOy6dvZZCuLD_GYACMY_V5kedZvI40FpQe-RcO4SQIHE2KqQjeeFsS72kXugrSk&sai=AMfl-YSzyXE1Q6rrGLCqg-6tfXi9mub6luZUM4WdWH7IzhWvZdz8VnvgicJYimXj6R-PXfxx471vhUyVlbF-KjbKlRsBWgt_K6cXKIZQCMgSQeYS7TGPuihgmmt6xWJ7Qg&sig=Cg0ArKJSzN5uJZvsbtFxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-156-158.compute-1.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 157ms
157ms Fetch
application/json 3.233.156.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7384 126 KB
45 KB 688ms
138ms Document
text/html 178.250.7.4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7479b225afb1fcf686d0aadf9682de0eaffad9b3fcb233f0feacbb6f57e08773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jbxSW9tKo0mjHH3guvzBc0NoEQI98DRfhjqxWa2OlZNki2aKnP1uf7dOo54juVNk9byaaEYgAkvid7YWZe4YnkVXdwLUIwoP3nFLisrW5oVIkIy3kand5pqU8TWT9Sheq7p3ET8YGWf1Loko4yOPajX09ZWRBUtGa_8HQHY58QLjAHRycX_pNUnu4hd5D8VK0-HzdLnS4KkUUOu42GZEinektOPtAO8JpnghufntDBcGb0FR4y61lhJfGKrRugy5pqH3Ww"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52394758
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CFD 181 KB
57 KB 59ms
57ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 19:18:44 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 47ms
46ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9hby1zaS10YS1sdW8tMTJ4aW5nLXp1by15aS16aG91LXl1bi1zaGktMDExNy0wMTIzLXNodWFuZy16aS1rYW4tamluLWhlLWJhby1zaGktemktYmkteHUtY2hlbi16aHUtcWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTY3OTkyMWVmLTNmYmUtNDAyZC1hNzU4LTQ2YzRiOWViNjFhYyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMTY3MjEyOTAzNDk5NjAzMjgsInJlc3BvbnNlVGltZSI6ODA4LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJjcml0ZW8iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDE2NzIxMjkwMzQ5OTYwMzI4LCJ3aW5uZXJBZFVuaXRJZCI6Ijc4NWY4MDFlMzYwN2MzMyIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbNSwzXSwic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiOTcweDkwIiwicHJlYmlkQXVjdGlvbklkIjoiNDNiYmViNTYtNjliYi00YTk0LWI0Y2UtNGE3ZTM1YjYwMjNiIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=12349.400001525879
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 tpd
cat.fr3.eu.criteo.com/ Frame 4CFD 43 B
462 B 276ms
46ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/tpd?dd=PPc6g19PVTUzcEElMkZURjNORGQ4eGZQSFh5VjJTSlNUaXNURCUyRlNEZld6SjdTYklXWkt6d0JqSHRIOWpMUDFKYUJDVndMTVpJblU0cXAwWTVVbDNGVDZZUHh0eEdSb3FmRG42ajVmVmR0OFl4WGpwdk9rSVN2VGd2T08yR2JlbDFGY1JoMVdjcHhrQTV0TyUyRjB0OTBwSjhzMSUyRlN0RUFKRHFJa1ZjT3olMkJaSmpiT3p6T0w3eVElMkY2MlQyNVdCTTA5TUdyM0tOek9MclVEUDdCSWZrOFBQbGd5aCUyRkJsb2hMeEFOUzRreGFBOHg1ZkZMbWlCdUtmWVVWRWFNVWNna3hwTkpkdHRkVUQyZkFJNXd3WmR0JTJCYjhOZHRPd2RoVEsyckZjZWJCZmhLZ3Y1RXVjbHVnQVB4OTFqR0dCYmxFNGhzYWV5JTJCczFBa1YlMkY3MjIya1ZZVTMyVVFqdTNEaHRzVW5KMk9ieDQ4MzE0NDNKbUJTeEgzRSUyRjdvWWp2eUVscTlwbXB1RG5PWG5kYUE4eSUyRnpFb0xVdW43cG0yR0ptU3BreHVsWjFQZnZlaGloclJ3ZjRheWc4enVUcUI0S3ZoclJHQnpubHlUWm9FREJkZE5TeG9ESFFib1UlMkJSbUNPUW1leWh1M0REcVAzZWdlS3pSSXJqZExUNFNhS1p2SFBjSTE5MG5YamV2V0dy

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 164046
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CFD 0
0 128ms
128ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnDQWuoeOJgRW-foSxcbPgkuGXKFRaVpJsOu-MT8-TQNFXBs_5BbKqjb12O2oMOwAGns_fMSzLqDb87MAcIP3f5A5ooFbSAC5Ld3D_U3TOIl738UjRcH0LVWt8oR-hMe0Ce1l9klxUYh631f-t9v-P01XkYLAtPujVfjyaQqPNVjwTDSrk3CCgkzvW7KuDXXI4yQbf2yvVtC9clB-4WIoRgZQ720NU75AeR3fpl9OzmYtNEp7QXdPI4zcfYoGnHbtf90xCn_Fy8Mh8T48UvwSvaREsIXJO5PjgMGUWtgwSCayXSN8kgqWJoUJfRfwl_N04eFQ&sai=AMfl-YQ-dhtqCg36OHm2oBiZ0Qud08L1ESzAjxrYgpE_U_zGkXNWAQXiadd2c3Vw6FfwnqwHKMD5_Z9GVrGSmu93URXofhiaLgBOvaB6OCxo1Rp00q3kZNvUsKzOBBUvvQ&sig=Cg0ArKJSzLySYmbsHKLHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 19:18:44 GMT

GET
DATA 200
OK truncated
/ Frame 4CFD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977f2b2c84f88881ef2f4c8ed3c1e1797db61d64c72954dd63f081183225d2b3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0935 0
0 119ms
118ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb88fjKvg0UaVbjFEO9eHWjGwQ1POxK8MsQdyvHNcMAC--vi4qwK1BReO_s7EQa_43q2PCVyeZWhWfH8PrGgX28Qc0joGisC79v-w8EEbOgoLP8DZM0uf1qu1YIdZjk6Oxv6I_R3o0WyUx4cph-0d9rl2_qkHUJa_h6e4zgs6bT7aseeBQ-0uDkwC46pOlUJU0WRzbCnMjUAS8iMUj8KoFgNgbwX_wlPES5VmcW3thWlgipO7zJ4_smPjL05kJyjnqDsqUIP4oaS-JBKwDmxHlX1jkzAExvN2On8jS-Lh9Fa6yZU2w-f9t9QAC1UqBm0ts&sai=AMfl-YQW1hl27RxflTB4tQNXThQvL5L5ve8Zpf4XRkwAED0eqjDTa_jPiEIPaibwJqdopuMeinArQJ5j0wql54vXg6IW6PmRiurSPbmkgKe09dScfA8EHWNsAwWXcLhjBw&sig=Cg0ArKJSzPtBJ8fJQ_DIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-156-158.compute-1.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 132ms
131ms Fetch
application/json 3.233.156.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 81F1 118 KB
43 KB 416ms
111ms Document
text/html 178.250.7.4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44d98d3fcb94389b855775df6725729640366754eb9864e5b8d38736958991aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Sep 2023 19:18:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZRl3Q9tKo0mjHH3g0S-M5F0YTLpMRm2fnitK5arQUC790sfbcLDe5OiS8fpqEZr4JjvDiSfRQ4Y9iY1Nfp0SOlBOu-NM5ME2zDMWPfnp6QpatjvFuTobty8HLr-5rIPscTtcNqTW1Rx5O9_x8ACl-ufeR5YPxGKhBzXadOWElBLMkC29_FED5nPZVauT55YUH2OpyrKCqZjtg36T56B2qhSeXJuAvenEZMIYd5nUiSmXT-ulj_hZ9ty3_1saRVorsPN3eA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 49159466
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0935 181 KB
57 KB 39ms
38ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 19:18:44 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 40ms
39ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9hby1zaS10YS1sdW8tMTJ4aW5nLXp1by15aS16aG91LXl1bi1zaGktMDExNy0wMTIzLXNodWFuZy16aS1rYW4tamluLWhlLWJhby1zaGktemktYmkteHUtY2hlbi16aHUtcWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTY3OTkyMWVmLTNmYmUtNDAyZC1hNzU4LTQ2YzRiOWViNjFhYyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMjc4NzU0NTAyNTM0ODY2MzUsInJlc3BvbnNlVGltZSI6ODA3LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJjcml0ZW8iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDI3ODc1NDUwMjUzNDg2NjM1LCJ3aW5uZXJBZFVuaXRJZCI6Ijc3NzY3MmE5ZDg2NDY4OSIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjcyOHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiI0M2JiZWI1Ni02OWJiLTRhOTQtYjRjZS00YTdlMzViNjAyM2IiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=12595.5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 tpd
cat.fr3.eu.criteo.com/ Frame 0935 43 B
461 B 43ms
42ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/tpd?dd=M0kL0V9PVTUzcEElMkZURjNORGQ4eGZQSFh5VjJTSlNUaXNURCUyRlNEZld6SjdTYklXWkt6d0JqSHRIOWpMUDFKYUJDVndMTVpJblU0cXAwWTVVbDNGVDZZUHh0eFBRMXVqeHlRJTJCOXRlR3FyVjdOakwlMkJhN2w0WkFjSjJiTFFpeGRhVUZNeFB0dWZKbTd5WmJRJTJCbm0lMkI3RHlvUHFxNTdIS01EUElQQmRQJTJCU2hBZHVsJTJGaXIzbGxEenZLVzlFMFB3Q3hSOVg1aiUyRk9OJTJGRE1GYzIlMkY0OXdWNlo2Q0I4NGMxJTJCZXRFVEFnZWFabTVIZ0hxazdMVnRSTUo4R2RhdlFPZVdtU0dpJTJCck1aUVRtWVolMkJNSG1HZ0xYJTJGUlh4VVlpd2YycDhtWkpZYWhTWmJaQ0poQmpJaTVJUDdybERGNzlIQ1ZjY0U4Ym1lM042N3VWNlVZRlJQb1FLR0pqVk1SQ28yWFdLMVFzSzJIc0tQZE1MY1lXZmx0c3ZIQ3d2ZmRISDNNQ2N0Y3ZNVXUzaEJ1aHBMWnJkZkFMWGtLSWhZOHFtJTJGWHFpYVRmTnM2TllrM0YwdUpFQXFHZms0blFjTnhZbG5LRDhBJTJGVDM5N3NFbiUyRjZHUkczamdabmpxZWRNR2hoTXdUTDJRdTVnbUpWUzF6a0ZodUtNJTJCenNINUpFMktmS3FpJTJCMDFNeVo0MSUyQkszNE5LdTRHZGhOejQzaHhjSGNMJTJCYTdaQSUzRCUzRA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 210544
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0935 0
0 113ms
113ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstA_lW5MHDyVE1ycPepFWfjCNHSRWRmaXhpGjt1xUaGrCj34anJ-Ddu_QkrJVRY6WHuTCDJR12rvpGwxnEp9M9cB6rLl3e-I5854Qqlusk3XaCYSYy5cmzCwMijRC0YXAax6fTalYkSfMf-ltKprL4I93_lSmpdK5tK7XJu6odJvy_tHyzdBbgkhsa8IEKin4zgWleFVsZo9JQysKigfqvT-ZJ-5lPAYCxAAxQ-bUsvbZSJefgC9r5s8YPcAFjvBdSuCoFEPzz8mA-rcK5g7EoMKxP0ZUgzyAvpje4HhpiZHuVuwqQ1BBNnigeFPQ9mAx5M1jI&sai=AMfl-YQsxySd6ffB46N3wiuvvXui1jrThegX6QKal2byR4udNMKxB_hYbUpXs-zeU4IQf4SItUs90kT5NeyMoxyboNOSF9KUojAipESun0ACPUIIfaoFXWkjBy6xAXKllQ&sig=Cg0ArKJSzMej1A5elzjxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Sep 2023 19:18:44 GMT

GET
DATA 200
OK truncated
/ Frame 0935 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d801896e42bf4e5f7b278f628997361268718c2e13b97c495f6d1e38fd8338a1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C558 0
0 160ms
160ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3701191947948741&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 148ms
148ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3701191947948741&bg=!j4yljMPNAAa6D61Rmg87ADQBe5WfOD7wDZJXb27UlIP3LlSzEwGS5if55Szsi7E9gIhN97Zt11VOwNzLqvwckvew3ARuAgAAAF5SAAAACmgBBwoAdkX0KnXdl0Gu4iFL05PNyGhAi5GeUY-GToS1B-lzzIASTU3YU7L9H9cz5irlunRQB96FvlDq8mzPiL2WbCfldWyjaSkonsRDbaKrSf1wj4tsT4c5vyovL0G-G0ffmYvkiAE-94VF-aql-MfOV5qUVSPDOqzEv9-ZAri2mI3wrLcV7EOMxGnxaKC6m_blCU1OV7h36rS1BvwTfUB5rox6Y6v0Ohnyxgo6NDJmw0smKPLqy8bhZ7crlEEftldcMDikwfrvZwr9-p-3YVDHvY7jre1caqhSpJlyZcEDxISBMHlYLZmWOQkTeTCEwDv1_-4vlIbIqRIDXRYyHQp9jWX5ehxOux8KE6w4Jdt0x5bEKCKRHFrA-GjJ6EeE7-gemSmCPxEkVo9k68b_aqnl6KRjcfhBPEhOLoloT-C-Lh1ExNOnEkg0GNS-DGyXgs0Enmmp0a-mowJ8xtI2X5sFekaKqytXX3Fq2nJXHtHEbvS3u5Yt9vwYcmLbwiG4KkhUmEcy3m-sBqDXsnNfzb32XL7ZjJOEnTju9WlHfwK2EMSKRBSdHnRbeM6N4cxOXSYGPvDcfnJXPPoDFc4jwMJ1RnuAA5nLCrj4p8TLh826RTyjtxtx1mLISK8FXhEEj34MJzXXllfG-hgv5r7vYHUlSFQ4NvZ96bZnfZMS4ADrCqKP84SFH5zP0tFmBbjJA0XGnNdK405P3do3Iv2Q33NVLaCDzyChPWXLw1fzoBFDLY6uRfz3Lo2NyBZbm_n2LpkhuJmVjL6XKCLw4enQW44A70VkaM2b0U-mw4GnsoLbHTuiTA6Jku7fsfIunpUskwZKe90rZUVQg7CNadkMaPaTcpM1d3WorfVUpHfF_TC_zaijFClXtocbcNcDcj0yL-jeRFydpbObnLWBLGw4VFS6DaBMIHmbr4BHPMs_lCKbMCQinCU7hO5ZSPPOQYsPgjrmMV4MBzFct504puXtzEiWRm6ACZKjnuUDTf2uYqNtf4r_P6AtPQqiZxgYbhxglxZd7PQGNWmPVkME76D3nq94fDqYXM-nJcmaQarq1IrI2kEIKI2G7tynncv2BztO7fmlFfuLnvE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 81F1 2 KB
1 KB 113ms
112ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 81F1 2 KB
1 KB 112ms
111ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 81F1 308 B
636 B 155ms
154ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 81F1 293 B
621 B 315ms
314ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 81F1 43 B
347 B 304ms
304ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=45ZtHNE8BhPtoAeWkMNGH_WePgS8AzjuUMoKjgQLxR_7jm4pbXoRE_qVH3aIIXW71eGACXoJlAxML-1d-j3Mq-2XRluXx7aKQy5CRifPAvp8fsu4IgGpJcBN8lWss0evdLoetypnxsvkB8-ytlObL-fHohcUWx44-tUor3n7pH8oS94QXDebu-PCSX9LdOAqDRFVSaUc9V3KUzgMTQ297aICizUNVpNh4gIhGh9493ChmOdqyMWpcaIJTUgMoOEM6vBdihR8ULJIoB-QI43NwFFLLz8A3khscC49BlGC12OW3FLgaBdVH30Mcfib6f4hqfJga1Lxng__ywKCrxLdFrfN9ZDDIWVZW3c6PXTuAzx49mgD6dLua2mNg4nlB59d7gftWGGszPV011C88XIZbh_4rR0GAkEMMiw1_Ruz-cvRa3-zoBN5i6rj3cY9YQHn9GZOs-ZEKj0Va0zo_vxdPNRXgJCHPdzZpL9nJ3GjTcCSigScNYavn-v_Kfec-7vl_mbPi7z1w3ts5hFsv0-mEoqVlOrO9Ny2dVxYJj2Qd1CEbzQFHkcez9us5Ycn4MAvW-Uww810lYCEbWMPoPHEW_rihNdTGBPr8wyJrkLpgBWpFm3dZ3VTnk-85TXbdionHbWTtQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2059546
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.fr3.eu.criteo.com/dis/ Frame 6A32 5 KB
3 KB 634ms
218ms Document
text/html 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe169478c73cfc096df5ffeb5b82e5&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d70fe01160cb11eeced33fac09a5b501aa5bf673f73398be88fdf8c08194a9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 10 Sep 2023 19:18:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1976466
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 81F1 12 KB
5 KB 755ms
176ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1985367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKUtJN%2Filk5dR0%2FYvtfsm7wFC%2Bnyn0%2FfVoyZbRk04QB5tGmtYcVb5s6jT9gKi4DnykCzPdoM1P%2Fta%2B2i8DhMQ3DxbJGE5Jvkz6ii2VXj0LJVmCJTifnu%2BtGs9WKzLgvO8ZTCDOBb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 804a04c8cfc44be9-MXP
expires: Fri, 30 Aug 2024 19:18:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 81F1 12 KB
6 KB 306ms
305ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 81F1 10 KB
10 KB 868ms
240ms Image
image/png 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=196&s=u8RH3PKCv7sSdfjEnivknYad

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 10545
expires: Wed, 04 Sep 2024 03:43:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 81F1 13 KB
13 KB 1205ms
578ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FDATCEN.jpg&v=3&w=800&s=12XblLqp0JXYAfqP738lBNAN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ebdc314a4d78be7683fc9f73e6ea3ae65c931bb3c1e3db0e4fc9d9efc16f660c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 13396
expires: Mon, 11 Sep 2023 13:59:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 81F1 0
128 B 800ms
175ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZRl3Q9tKo0mjHH3g0S-M5F0YTLpMRm2fnitK5arQUC790sfbcLDe5OiS8fpqEZr4JjvDiSfRQ4Y9iY1Nfp0SOlBOu-NM5ME2zDMWPfnp6QpatjvFuTobty8HLr-5rIPscTtcNqTW1Rx5O9_x8ACl-ufeR5YPxGKhBzXadOWElBLMkC29_FED5nPZVauT55YUH2OpyrKCqZjtg36T56B2qhSeXJuAvenEZMIYd5nUiSmXT-ulj_hZ9ty3_1saRVorsPN3eA&sds=2&rev=88100.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 81F1 2 KB
1 KB 137ms
137ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 81F1 2 KB
1 KB 294ms
294ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7384 2 KB
1 KB 118ms
118ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7384 2 KB
1 KB 214ms
213ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7384 308 B
636 B 211ms
210ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7384 293 B
621 B 272ms
272ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 7384 43 B
347 B 320ms
319ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bs122l68Y8ROU4eA4dlK6OEkseeVA2XHxFQvPa_S58bbUSajFA8UFzKzxkfGP3Gsj4ZZzVPXU8UQ8FTYJ0NJhxW5VMXJdSb3Dri2ckfvYF9ECHDcclOnGeMqR9kqhxmhxoFk-0TxUC5W3S5z5_mAZ7k_nWuxywxzoqvB8_lT1wg8j8jxWF1gcQbrqEVM4qAO3LmEBtS-NYmdk1gG5oNf84-sP5ewr8yZuD9JOLH6SEooZD3-xqHNce0XVmUk-5SumSywhe6mHqsu4jC6B6SUiq_WMAY63UhUAyavqg8FFyoi6pp7ylha4db87Du03gfdKPG7rU_bLqOUubos31ugN1w-Zl84B4GtTMFvK28YKJRsAHWBJX7wN2LkaJX6Fk8jprc57BPvXlC7eviGQ7YCDiHi35rsHdi_HS9AD_hUh6eVfZi1ziADPSxlPHgUacadCFTnQoHq5KtQL7_nL4Qv4EwZso0nSUtYVjHcgCM5Fj1KYOs175eS-AGc1Wi7pBVwucL0o-RP5us2lx-GUJEWsk21gbuTo1uKZvzqXNrR7RErUWFuUQBuV_nwSAec5wjo0RkFDQc8j0gC3IZSIrLeDxqheZubIDRZE7jQfMqWPrLeiCJUwMXU0mCk4m9xCw8KWhfT7A

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2220891
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.fr3.eu.criteo.com/dis/ Frame 3F08 5 KB
3 KB 593ms
219ms Document
text/html 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d70fe01160cb11eeced33fac09a5b501aa5bf673f73398be88fdf8c08194a9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 10 Sep 2023 19:18:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1921101
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7384 12 KB
5 KB 653ms
117ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1985367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgjMnAX8A0V00M2Bzy8bHf8ux1%2FkTD0Ni7QrCNZs45REbJvBu1m8iYQH4%2BoEw0RH1yFn%2FnjVSfjiO2uQXnb8q5ojr32sfsnoysYZ%2FZoEJFw91U9k2VJdU43iqk9ZUyIuFp9X%2BTA8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 804a04c8cfc64be9-MXP
expires: Fri, 30 Aug 2024 19:18:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7384 12 KB
6 KB 203ms
203ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7384 15 KB
15 KB 1583ms
1001ms Image
image/png 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=256&s=aPuqQdKvNOaseG06iYUEg09W

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15110
expires: Wed, 04 Sep 2024 03:43:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7384 153 KB
153 KB 1484ms
902ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FA02.jpg&v=3&w=800&s=3PeDqFKTfjpM8bz_msOqvgF9&b=1200

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

654089cc37c6b3bad52810844c7e799c3ac7d692ed7a051c9b31efbca9c87721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 156820
expires: Tue, 03 Oct 2023 06:25:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7384 0
127 B 819ms
240ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jbxSW9tKo0mjHH3guvzBc0NoEQI98DRfhjqxWa2OlZNki2aKnP1uf7dOo54juVNk9byaaEYgAkvid7YWZe4YnkVXdwLUIwoP3nFLisrW5oVIkIy3kand5pqU8TWT9Sheq7p3ET8YGWf1Loko4yOPajX09ZWRBUtGa_8HQHY58QLjAHRycX_pNUnu4hd5D8VK0-HzdLnS4KkUUOu42GZEinektOPtAO8JpnghufntDBcGb0FR4y61lhJfGKrRugy5pqH3Ww&sds=2&rev=88100.4&sendBeacon=true

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7384 2 KB
1 KB 92ms
92ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7384 2 KB
1 KB 95ms
94ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Sep 2024 19:18:45 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CFD 42 B
174 B 214ms
214ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPbH_zPDgi5CH8UbkdLBz0fAWZznMKO03Lkh4F4I2Qc0JDb2yCxpKvTRJgTOnapzE_GJ0GplHi4Uc_2cj4KhukiH56NKvT6eTlj8iq0UWANSc9cdwdDarDcL-93svx&sig=Cg0ArKJSzCcOdylJytkLEAE&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694373524598&rpt=110&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C1F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_cm&google_hm=ay1IakhYWHJQQXl6VEdwSTJqU1RPRldGcTFjV19rdy1OM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

43 B
369 B

166ms
166ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 762844
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C1F3 43 B
145 B 99ms
93ms Image
image/gif 18.198.87.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-t8B2O7PAyzTGpI2jSTOFWFq1cW_x1g-uZjLTHg&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.87.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-87-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C1F3
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

43 B
369 B

61ms
61ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

Requested by

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 961185
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
an-x-request-uuid: 199692e2-ce8a-4c2d-8958-f5210ad28698
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
secure.adnxs.com/ Frame C1F3 43 B
853 B 100ms
94ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-PiRsbLPAyzTGpI2jSTOFWFq1cW_eJvnlcr9w4Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
an-x-request-uuid: 23e8da9a-9edd-4955-bd67-1e31e72ea0d6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cksync.php
contextual.media.net/ Frame C1F3 0
0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C1F3 42 B
740 B 99ms
94ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-E6tWt7PAyzTGpI2jSTOFWFq1cW_NNKzk_gJdIQ&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame C1F3 0
34 B 1777ms
279ms Image
text/plain 52.57.130.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-dHqL47PAyzTGpI2jSTOFWFq1cW9OMxdNzo06aA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT

GET /
rtb-csync.smartadserver.com/redir/ Frame C1F3 0
0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C1F3 0
98 B 505ms
468ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ySDvL7PAyzTGpI2jSTOFWFq1cW9ucpsSkg3y-Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 55446

GET
H2 200 um
criteo-sync.teads.tv/ Frame C1F3 23 B
163 B 1778ms
225ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-dViDB7PAyzTGpI2jSTOFWFq1cW_POe9OvbbfyA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sun, 10 Sep 2023 19:18:47 GMT
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame C1F3 37 B
139 B 1479ms
138ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-P13tc7PAyzTGpI2jSTOFWFq1cW-fKL9epp-6xA&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C1F3 0
323 B 96ms
92ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1eFAobPAyzTGpI2jSTOFWFq1cW88_uQUm59ILw

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame C1F3 43 B
163 B 1413ms
57ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-wVNvTrPAyzTGpI2jSTOFWFq1cW_YNiT92NFZ6g
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C1F3 49 B
342 B 1479ms
133ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Lp-mN7PAyzTGpI2jSTOFWFq1cW_Rt7XvByB8Jw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame C1F3
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1

43 B
326 B

159ms
158ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbU0VM36%2BfVC%2FCtyDpqGVzkXNtU1SZ1r0qmcyqFgB0ywA5WNliRvWUK%2FVVJ8nZ5s%2Fj80b44RNemIrNiBfPUAkGKsbYJ7y76Go99OdqDWvHruVC8W5s7YKkiCXr96XoU8bD1A"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 804a04cadbff24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjFVgaictmlaimLDvY1bPKtuyyG6b%2FzOyhmtIZzr0C%2B6tMQqp3nQ04Igw%2BKO3HdU5pYDfsB1zlGa37R0c5GmVTMLRntzevBbfeX0ndz4Go0CNy3ndqx7Hn5qoorKm31HGcGB"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1
cache-control: no-cache
cf-ray: 804a04c9e9f224c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET

ibs:dpid=28645&dpuuid=as3bPCXDeBwcu3gECljzjlTIhqdT_I0g
dpm.demdex.net/ Frame C1F3
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=as3bPCXDeBwcu3gECljzjlTIhqdT_I0g

0
0

GET match
ad.360yield.com/ Frame C1F3 0
0

GET sync
matching.ivitrack.com/ Frame C1F3 0
0

GET push
exchange.mediavine.com/usersync/ Frame C1F3 0
0

GET cookie-sync
sync.outbrain.com/ Frame C1F3 0
0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C1F3 42 B
451 B 141ms
108ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LNPgObPAyzTGpI2jSTOFWFq1cW8zmFvmdsPK2Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 19:18:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET sync
criteo-partners.tremorhub.com/ Frame C1F3 0
0

GET m
ad.yieldlab.net/ Frame C1F3 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame C1F3 0
0

GET put
e1.emxdgt.com/ Frame C1F3 0
0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 67AB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_cm&google_hm=ay1IakhYWHJQQXl6VEdwSTJqU1RPRldGcTFjV19rdy1OM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

43 B
370 B

112ms
112ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1050966
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HjHXXrPAyzTGpI2jSTOFWFq1cW_kw-N3FVc-_Q&google_gid=CAESEMIwXPIPu16YdaY48QSoYh0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 67AB 43 B
145 B 157ms
153ms Image
image/gif 18.198.87.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-t8B2O7PAyzTGpI2jSTOFWFq1cW_x1g-uZjLTHg&expires=30
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.87.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-87-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 67AB
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

43 B
369 B

218ms
217ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 882733
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
an-x-request-uuid: b954135d-b6ac-4a8c-be10-7c6bec5a7317
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5807369807400848501
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
secure.adnxs.com/ Frame 67AB 43 B
853 B 158ms
154ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-PiRsbLPAyzTGpI2jSTOFWFq1cW_eJvnlcr9w4Q

Requested by

Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
an-x-request-uuid: 20641b9b-6722-484c-9cac-804a435f157a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 144.2.118.226; 144.2.118.226; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cksync.php
contextual.media.net/ Frame 67AB 0
0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 67AB 42 B
740 B 90ms
87ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-E6tWt7PAyzTGpI2jSTOFWFq1cW_NNKzk_gJdIQ&expires=30
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 67AB 0
35 B 1712ms
223ms Image
text/plain 52.57.130.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-dHqL47PAyzTGpI2jSTOFWFq1cW9OMxdNzo06aA
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 67AB 43 B
429 B 552ms
166ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-v4iR8bPAyzTGpI2jSTOFWFq1cW87ch-e-BRwVQ
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:45 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 67AB 0
98 B 496ms
468ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ySDvL7PAyzTGpI2jSTOFWFq1cW9ucpsSkg3y-Q
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 55446

GET
H2 200 um
criteo-sync.teads.tv/ Frame 67AB 23 B
163 B 1768ms
224ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-dViDB7PAyzTGpI2jSTOFWFq1cW_POe9OvbbfyA
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sun, 10 Sep 2023 19:18:47 GMT
pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 67AB 37 B
140 B 1469ms
138ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-P13tc7PAyzTGpI2jSTOFWFq1cW-fKL9epp-6xA&dongle=013b
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 67AB 0
17 B 155ms
152ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1eFAobPAyzTGpI2jSTOFWFq1cW88_uQUm59ILw

Requested by

Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 67AB 43 B
162 B 1405ms
58ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-wVNvTrPAyzTGpI2jSTOFWFq1cW_YNiT92NFZ6g
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:39 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 67AB 49 B
182 B 1527ms
190ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Lp-mN7PAyzTGpI2jSTOFWFq1cW_Rt7XvByB8Jw

Requested by

Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 16
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 67AB
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1

43 B
335 B

109ms
109ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr0vJHIWPkZHJrGmhsJDHiH0%2BcsCh9MCXnt4febO87QOSuYsUJMoWKTqFyeVPMgYo4nLr4HdshTUbq%2Ft4S6rh3SGtCXcZKb%2Fv9m%2BiWGqpG09d6iNLHbbEg%2BsyYPcUc8x7%2FkN"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 804a04cadc0524c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8%2BE2X4cK4xafTQYMGoRaft79zk3QvrtWJ8qCvxCM4wXQ7X4mg5%2BsEdWCSlfFjBGdlCL7D7jep5TF1rZnmbj46cbXm4GW2yduilq7AH8jiuYa2HO0cbJHLKCYiKjv8UAQip6"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-x_bijrPAyzTGpI2jSTOFWFq1cW9gjD2Ldw_JuA&C=1
cache-control: no-cache
cf-ray: 804a04c9e9f724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET

ibs:dpid=28645&dpuuid=bFYLpaXmLYUBbBL6g_Sgx-0kDPjIgSmf
dpm.demdex.net/ Frame 67AB
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bFYLpaXmLYUBbBL6g_Sgx-0kDPjIgSmf

0
0

GET match
ad.360yield.com/ Frame 67AB 0
0

GET sync
matching.ivitrack.com/ Frame 67AB 0
0

GET push
exchange.mediavine.com/usersync/ Frame 67AB 0
0

GET cookie-sync
sync.outbrain.com/ Frame 67AB 0
0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 67AB 42 B
433 B 137ms
136ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LNPgObPAyzTGpI2jSTOFWFq1cW8zmFvmdsPK2Q
Requested by: Host: widget.fr3.eu.criteo.com
URL: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fe16959648a14a87e15f5b8b0dc85d&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Sep 2023 19:18:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET sync
criteo-partners.tremorhub.com/ Frame 67AB 0
0

GET m
ad.yieldlab.net/ Frame 67AB 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame 67AB 0
0

GET put
e1.emxdgt.com/ Frame 67AB 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0935 42 B
108 B 148ms
148ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1S6UtccnQasf4t2zC5POB8gjnvaHKgBr4TXekfyeOdhF3KIPAH_6MtRRl5FBEFfXP-R_lU59GqchaYkE3b3ZZndd6qmGauyvZRkGLiJSQEy5eZIICMWZPRElUISYJ&sig=Cg0ArKJSzISP_9uvVuCeEAE&id=lidar2&mcvt=1021&p=60,236,310,964&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694373524843&rpt=89&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

usermatch.gif
beacon.krxd.net/ Frame C1F3
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=abRzkenVgAs5Yn6xIbDbhLF4nPobcfXj

0
0

GET

usermatch.gif
beacon.krxd.net/ Frame 67AB
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=memZjYC1qEi28Zw9qS1jmTxasaTcCLzP

0
0

GET
H2

200

cs
s.thebrighttag.com/ Frame C1F3
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xb9fli8kPEBlUFFYz6tt7y1y-Sxa2oxx

35 B
268 B

883ms
284ms

Image
image/gif

3.141.87.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xb9fli8kPEBlUFFYz6tt7y1y-Sxa2oxx
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ8M7vBARyg7xhqpLsyuTqRsNcZ7wUBJ9L8CxBZ_8kDi98F2jn4Dq0UOgTqeylly34fo1FKwjXl4w5eg5b5X03IUxonBCc70n8BgIaos4tvNvuNDffY69jZddI5EvrF9ype17tNZsgo6TpAvFWbRBasITOSzW6FRhMA5jnQD7dYEju7QZatQmmULBU-yoxu-Hcyz3de4QO6JA1LJ2Ci_mx676Q65zzWK2DfT1C6yelL8YoThs0lc-jeUW9leI9aADCSTSkH9MEI2lCW5OlGtdOJUnK9M8fvhdtzKjtSk5iqFVNesfubvx_ByqilO1r3szh15ic3WSdQ7kttGgDHtW8L9qJnm67qgWbv6vXhaHRMDHKHS2JMcG33BE9Yt5WPAzIp48djpS_ZlyvEVyP8IDEmgxPT1pTNZWgc7ix3xe-2uWUuwl8dxf3D_4vCf6dj0TORrSGHmE5oGHOoAKY9LgbN5oXUGfg_rCX30KfVm-TCDHpHNG393kZ9mJ95RIajEsT8UsctvTsFhBolmcubhB_rJhL49puAy-_rpmhTFJIts8VcIglRAAwE-hgOOvTldk3Nwdt0Ia1cineWTdtqY8XD-wVVTiJbHocXr4qpLoC_hZVTY-W1UmbyJta3kI2CY99GuKOQgHwMTGs2PCdB4_eUBbbF9Nz-eB-gYu53tqbdWpFfn5QeXyrvs
Protocol: H2
Server: 3.141.87.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-87-90.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
x-bt-requestid: dd83f140-500e-11ee-b9ae-0000ac1702e3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xb9fli8kPEBlUFFYz6tt7y1y-Sxa2oxx
date: Sun, 10 Sep 2023 19:18:45 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 726841
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 67AB
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=umTLfSWz9F2uMzS1BDCf6OlIbcmrCUER

35 B
267 B

610ms
285ms

Image
image/gif

3.141.87.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=umTLfSWz9F2uMzS1BDCf6OlIbcmrCUER
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg
Protocol: H2
Server: 3.141.87.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-87-90.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
x-bt-requestid: dd83f140-500e-11ee-92fa-0000ac170031
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=umTLfSWz9F2uMzS1BDCf6OlIbcmrCUER
date: Sun, 10 Sep 2023 19:18:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 824774
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 81F1 0
127 B 172ms
171ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Sep 2023 19:18:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 7384 0
127 B 146ms
146ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CQpjQRkkFt8zeV0brGEmio3HK0KjIdPXJ3aETmLULnvE%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4VohX4BB7vlER4ooEJP_S9fCs29cGL91RhqdYAl7NbjOXlwNITVwh-p9CA3839Gg1FxAy5Y-ONoSVnGJyq9VmyOxhAzXjNfdJQX9IB-7FxWapFfGCJ4QAvuLglZv4yVpg5aDJ_a5APosMauWYeJ-YrIc9wB2pWeQGRl12jVBcnQY0d7dSVetPEnyj8tMXAtp5PVkKVjxaZXNm9nrR0k_ABjrt6YK2a1tf2_87-tmDSGxoMb1wyQOqr78xOef1_DXmO-kCGlqGs2cSFlX4XsdHT2qD0pivU1tBSQoS8cuir_X14YRIXil7mqPaYm9uG6sMjNJ6Fg9Yw-_VkB8O_N5mlqjitMnyX-6AFORPMaRt7zy3J0VyoNXXbJi5XvunVjD7T9b7M8UZO-VPLyyeCVRN3flKsbHZedlqI4oXTWYvKvCxcZvtRemiRFH10_oMkUcu4kzzqUp58GEunQ_o8fctqLUK1-PMdrAyTYhC_1gvZ34tNwUO_MIKcIqfgW1hrfZ-3spNh4yVRTyViiI1CFbiqyX0uDydDnjiMqaMaPIzgo4yz_Jw3RAqvzm-KuolqbiP0mmGWBAiMflOv185ogcX4YUaHL9UMfANPe2bYaSlyUs6SOextQM4zN5IoveA0Siz1qr51HUr0N7Wdsp-UfZBTP04MEwvZKedastvUMHT2IIFzPnVvp4Y_J9pPRbw3W5sHg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Sep 2023 19:18:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 130ms
130ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=1609667580&cid=227825893.1694373518&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694373521&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-ta-luo-12xing-zuo-yi-zhou-yun-shi-0117-0123-shuang-zi-kan-jin-he-bao-shi-zi-bi-xu-chen-zhu-qi.html&dt=%E5%A5%A7%E6%96%AF%E5%A1%94%E7%BE%8512%E6%98%9F%E5%BA%A7%E4%B8%80%E9%80%B1%E9%81%8B%E5%8B%A20117-0123%E3%80%80%E9%9B%99%E5%AD%90%E7%9C%8B%E7%B7%8A%E8%8D%B7%E5%8C%85%E3%80%81%E7%8D%85%E5%AD%90%E5%BF%85%E9%A0%88%E6%B2%89%E4%BD%8F%E6%B0%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t6aIa5de%2Fh%2Ff4%2FKrkKEk5EsRGFVdhSVgb2kQVNyJ1kFjtZdA5pM5xYSv8Mlu01FX39YNkBpaD%2FVuJ36vi%2FE5JsL17LoWY%2BFljVX%2BawQOkwHngNy1k7ZFPWbgPunEWUIQHfoGem5TMG1B50kbrVtVapsJRwhS%2B9T4zLjHlRlsiExAq7%2FoLYd...
ad.vidverto.io/delivery/v2/content/tracking/progress/1811/ 50 B
50 B 486ms
145ms Image
text/plain 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/content/tracking/progress/1811/t6aIa5de%2Fh%2Ff4%2FKrkKEk5EsRGFVdhSVgb2kQVNyJ1kFjtZdA5pM5xYSv8Mlu01FX39YNkBpaD%2FVuJ36vi%2FE5JsL17LoWY%2BFljVX%2BawQOkwHngNy1k7ZFPWbgPunEWUIQHfoGem5TMG1B50kbrVtVapsJRwhS%2B9T4zLjHlRlsiExAq7%2FoLYdQzVunVxSNY7LC%2FDHh7nDs9bGl67Uk2VWbZQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 720ms
106ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&bundle=vdy22V8xOXF6bSUyRlRGQzdHayUyQmJnbVJ0QlhqTGdNWTAzeU5VcnVtYXN3NklHNnV3b1hsZUxPdnEzeGt4UyUyRjJXUkphRml0Qk1PU0dGMkdTbW5EOHElMkJZM0FuVVJoUjBsdHI5NjZsJTJCUGNIUE40T1plQ1M0TWVqaGtHQ0ZpUWM1SFRpa3ZKTk9HQXZnMTFpMGVqMDk2QVFPdE5QOVZnJTNEJTNE&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 10 Sep 2023 19:18:46 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 233486
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 110ms
109ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 250872
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 81ms
80ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 227afe382afb08da5ce5d6728975b41359553d478d7611176ea4f7776d7a35dc

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 10 Oct 2023 19:18:47 GMT

GET sync.html
public.servenobid.com/ Frame 2EC3 0
0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame D9F1 24 KB
8 KB 548ms
180ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8472
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 19:18:47 GMT
expires: Tue, 12 Sep 2023 19:18:47 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame 8DE9 504 B
638 B 129ms
109ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 82ca107017524ad16ac38b4c1daa43992d05bd501eaabe5fdda72bdff543e80a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 323
content-type: text/html
date: Sun, 10 Sep 2023 19:18:47 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET isyn
prebid.a-mo.net/ Frame F117 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D05A 3 KB
1 KB 67ms
67ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1694373521396

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-52-208-254-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3b9818ee2f12568d6a1ecc27c5d6d5243e47cd01a5496fd0e45c61dc881fc53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1016
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET ixmatch.html
js-sec.indexww.com/um/ Frame 879B 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 72D2 281 B
554 B 66ms
66ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Sep 2023 19:18:47 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 760B 6 KB
2 KB 125ms
112ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 804a04d198febb13-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 19:18:47 GMT
server: cloudflare
vary: Accept-Encoding

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame FC6E 0
0

GET sync
eb2.3lift.com/ Frame 22AF 0
0

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
784 B 174ms
174ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1694373527261&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=140898758&pt=1985471307&tz=120&viewable=true&ddast=V8SfYCLAYkb4hWXbj59BNI3hCtunDz6S8AAABgYID-AAnMnJuRyTByyzzOyVo0sXjcysVwtJb4JpOFZzhxDUcrIyCBmXMzMhlGbpnHOVmLJhaPW7kYjtYS32Sy8AwnruFoZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Cr9b83SLHm6x6-9WTIZPu88tff3dyqdbevS73srX3a05Ot2CxWK3Fiwmm7Xm6HrYfW7p06112N1Sp90tdLklDr9bc3S6pU-3xOkWvt4ao8vulh5db8XTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHBfubvS7T5_c0-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ5YdGA1qelqOiBRQFmEEAAAAAFLATvzIJJ2gYlHl__-_3wrAFQCAAEVAxAv8LLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEep55EoTtKDQo-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gOBwsjKtPMuVw7LYrBam4XA5WI4WM9Ng45w5lhvvAW8mgP5S3zPrsyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBAOrjWWwsizWmpnJ4xZtbJa1wrHZuGW73co0MqwWto1xLXp9TBebb7kxjLxIMGBwL5KnRTqRuVwO18wzc0xsu-FstdktFiPLZrKYzWyWhW0xsYglmpNFOpFd9sXhZGVaeZYrh2WxWS1Mw-FysBwtZqbBxjlzLDf-wmpjGawsi7VmZvK4RRubZa1wbDZu2W63Mo0Mq4VtY1yLXh_TxeZbbgwjf2O2HG12m9Vit2_MlqPNbrNa7PYdOsN39TkblWWV5GOzXH8np-_mNChcBov3pT6dhwVjQVjyHJ068-NZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX-F3a55u0cMtdv3disnwafe5pa-_W_l0S49-11v5urs1R6dbsFjs1oLFZLPWHF0Pu88tfbq1Drtb6rS7hS63xOF3a45Ot_TpljjdwtdbY3TZ3dKj66142oWmt9kilghOF-lE9DKeLuo_aojRaC6ZKxbDuWQyWyUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpuAFinu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIxWIw2j8AFWKtVqvbjbVarYAFNlkuJxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!pl140898-758_vA!t45!ufm_vG!ul142462-737_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 548311b14a7a2c151473026b3b37cbafb7fac217d51b68d916a8a14a52ff612c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
content-encoding: gzip
server: nginx
machineid: 1434
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame D05A 43 B
443 B 111ms
110ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694373521396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:47 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 10 Sep 2023 19:18:46 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame D05A 42 B
740 B 111ms
110ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=fEHGovsYLYWxJCk060sGhUx4fGU9CkcL-45y1bikDQs
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694373521396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame D05A 0
0 110ms
109ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694373521396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D05A 70 B
148 B 347ms
346ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694373521396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 72D2 35 KB
10 KB 225ms
225ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 19:18:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Sep 2023 08:42:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48258
Connection: keep-alive
Content-Length: 10209
Expires: Mon, 11 Sep 2023 08:43:05 GMT

GET current
openx2-match.dotomi.com/match/bounce/ Frame 8DE9 0
0

GET
H2

200

dds
rtb.openx.net/sync/ Frame 8DE9
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=zBTVGeoTxhwkqHhdba5wcg==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
114 B

152ms
152ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:48 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 87853961-d339-ed7b-f30b-221f41e08781
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8DE9 43 B
602 B 149ms
148ms Image
image/gif 52.208.254.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/87853961-d339-ed7b-f30b-221f41e08781?gdpr=0

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

sync
r.scoota.co/ Frame 8DE9
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx

0
0

GET cm-notify
creativecdn.com/ Frame 8DE9 0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8DE9
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ut4ntL3ceOOhiXGyuNJs4brecbWh3ifg7480P-vH

43 B
106 B

127ms
126ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ut4ntL3ceOOhiXGyuNJs4brecbWh3ifg7480P-vH
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Sep 2023 19:18:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ut4ntL3ceOOhiXGyuNJs4brecbWh3ifg7480P-vH
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 760B 48 KB
12 KB 150ms
116ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 19:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 800713
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 804a04d2fb70bb13-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame B3E3 0
316 B 94ms
94ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 804a04d3ccd1bb13-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Sep 2023 19:18:47 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 25C9 3 KB
1 KB 86ms
86ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS