www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://liposuction2023-ch.space/
Title: Entfernung von Bauchfett | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=b4279a99712dd0cf06012377a197378f&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~3775423760314731543~~zidyxM1teMCzqDRwUpkHKVle9H31A3fsRcT7zQgYxi3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnIP805H1lX0ITTMiW6tZ2X7V0zoc5jf9v2r3RZ1m3jDz6loRR5m6NJiN8DS-5nRmsTS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=0c48c424ac3dc54a538a25d79d8e8e043d878d098bf4&redir=https%3A%2F%2Fliposuction2023-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DBauchfettentfernung%2Bohne%2BOperation%2Bim%2BJahr%2B2023%253A%2BDer%2BPreis%2Bk%25C3%25B6nnte%2BSie%2B%25C3%25BCberraschen%26sub1%3D29224517%26sub2%3Dpalmate-bg3co%26sub3%3D2023-11-01%2B21%253A12%253A59%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1so_5rf3seuy8sI%26kw1%3Dkompressionsw%C3%A4sche%20nach%20liposuktion%26kw2%3Dfettabsaugung%20und%20bauchstraffung%26kw3%3Dbauchstraffung%20und%20fettabsaugung%26kw4%3Dbauchdeckenstraffung%20mit%20fettabsaugung%26kw5%3Dnacken%20fettabsaugen%26kw6%3Dfettabsaugung%20m%C3%A4nnerbrust%20kosten%26kw7%3Dm%C3%A4nnerbrust%20fettabsaugung%20kosten%26kw8%3Dfettabsaugung%0A%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1so_5rf3seuy8sI&vi=1698873179239&p=medianet-business8-pp&r=34&tvi48=10637&tvi50=13315&lti=deflated&ppb=CIEG&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://shipping-container-ch.com/
Title: Schiffscontainerhäuser | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=ad9b647c36549f7fa48c72c81e8730b8&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~-6020094844931346236~~9gZt6pLO9fYamzLXiAiJlBbzMl-GnG_ADrirpn4G9lx9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15EXbuS8jkQX0nUuhwc1s0NQ9r6inXNiU0xgeu9DTjqeim6c-n9v_EKnUJWUIcRxLSqxk6lYXH7GB_5r5upFndXUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=ebab4df2faf4c88bf102752a7be3131a6d82f952575f&redir=https%3A%2F%2Fshipping-container-ch.com%3Fsub1%3D26895398---delimjuwe---3723198687%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDGtGEo8J7mx9uq2frpAQ%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DOberwil%2BBei%2BZug%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDGtGEo8J7mx9uq2frpAQ&vi=1698873179239&p=ajaskagmbh-search-sedo-shippingcontainerhomes-sc&r=88&tvi48=10637&tvi50=13315&lti=deflated&ppb=CMAG&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://3sqszq.pzzqvpjlfkbmb.com/
Title: Seniorenwohnungen | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=ad9b647c36549f7fa48c72c81e8730b8&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~7155644403688388499~~3RLofXRUrabmHNnsQHbw7ViUB4wd41WTX6P3wQe6X-tyNpbgedRdYuhjTdtdbeHkkVNSC6iaJPmSgK6YU1G_ng3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bQN_jleqAY81pi6nHy58B_E2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=73fb540c006618c0b3e4164388bf3c6edbeef8f0d72a&redir=https%3A%2F%2F3sqszq.pzzqvpjlfkbmb.com%3Fsubid1%3D28107771%26subid2%3D3791784258%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wouJDvp6TIiOWVAQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNeue%2BSeniorenwohnungen%2Bin%2BOberwil%2BBei%2BZug%2B%2528Sehen%2BSie%2Bsich%2Bdie%2BPreise%2Ban%2529%26click_id%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wouJDvp6TIiOWVAQ%26dpco%3D1%26tblci%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wouJDvp6TIiOWVAQ%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wouJDvp6TIiOWVAQ&vi=1698873179239&p=happystory-search-seniorlivingdach&r=67&tvi48=10637&tvi50=13315&lti=deflated&ppb=CMAG&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://eu-play.sunrisevillagegame.com/
Title: Sunrise Village

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=80e512f95b2e396e42e083d97b18fe7e&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~-2811325521041462439~~GhJZ5GcLB8N8LRfQs08MT38jlIkNT_-WqXgJSw-9YQN9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15zH2LMBnfpLD52kTWTfrWMeRFEOk0jjRNjAYU-cpX63PpIVT2M9jqnc4uM7uXYM8CPty428XVfgjc-OnjEeXGBp_S0ig87w5lOV3QycS3MEQ&pt=text&li=rbox-t2v&sig=8468d6824744c219bf31b73df0a99fc8524fa9267870&redir=https%3A%2F%2Feu-play.sunrisevillagegame.com%2F%3Fref%3Dtab_de_ch%26clickid%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEogvW6yICMx7gE%26external_param%3D3831572975%26pid%3Dpalmate-bg3co%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F7a150605b3e37013a291c9475cdcd069.jpeg%26tblci%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEogvW6yICMx7gE%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEogvW6yICMx7gE&vi=1698873179239&p=innogames-sunrisevillage-desktop&r=90&tvi48=10637&tvi50=13315&lti=deflated&ppb=CIoB&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Weiterlesen

URL: https://ecohouses-ch.com/
Title: Ökohäuser | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=31ae580587a657be7478b4cdae96f591&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~734521157946510096~~0G-mH8n0EIAviYO84a29iqeZ0Fp92koZJQQapOX6Qv19_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15l1mVd4DmaUfz5E2bcg-knWDKm0BxgajBRGTPXWjzHqym6c-n9v_EKnUJWUIcRxLQyGrAv7QRKnJEtEzDwdriHUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=5fe12b18241486b08f1e7c070d6604e0ea4c544319e4&redir=https%3A%2F%2Fecohouses-ch.com%3Fsub1%3D25987440---delimjuwe---3705879344%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECD_tF8ot8PCmpuTlZHFAQ%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DOberwil%2BBei%2BZug%253A%2BUnverkaufte%2B%25C3%2596koh%25C3%25A4user%2Bwerden%2Bfast%2Bumsonst%2Bverkauft%2521%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECD_tF8ot8PCmpuTlZHFAQ&vi=1698873179239&p=ajaskagmbh-search-sedo-ecohouses-sc&r=83&tvi48=10637&tvi50=13315&lti=deflated&ppb=CPoF&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Weiterlesen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=717836a8dab759f85cf0bebe0efe10ea&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~3775423760314731543~~rO58Fzw5zb7azUyGXShQ-1le9H31A3fsRcT7zQgYxi3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnnSHyY-WAsIwhpldKucq5CrV0zoc5jf9v2r3RZ1m3jDz6loRR5m6NJiN8DS-5nRmsTS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=c8d4fdff71d4a236ba5543b1cc35011fa3e8cc83622e&redir=https%3A%2F%2Fliposuction2023-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DBauchfettentfernung%2Bohne%2BOperation%2Bim%2BJahr%2B2023%253A%2BDer%2BPreis%2Bk%25C3%25B6nnte%2BSie%2B%25C3%25BCberraschen%26sub1%3D29224517%26sub2%3Dpalmate-bg3co%26sub3%3D2023-11-01%2B21%253A12%253A59%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1soydDe1Omo6YhQ%26kw1%3Dkompressionsw%C3%A4sche%20nach%20liposuktion%26kw2%3Dfettabsaugung%20und%20bauchstraffung%26kw3%3Dbauchstraffung%20und%20fettabsaugung%26kw4%3Dbauchdeckenstraffung%20mit%20fettabsaugung%26kw5%3Dnacken%20fettabsaugen%26kw6%3Dfettabsaugung%20m%C3%A4nnerbrust%20kosten%26kw7%3Dm%C3%A4nnerbrust%20fettabsaugung%20kosten%26kw8%3Dfettabsaugung%0A%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1soydDe1Omo6YhQ&vi=1698873179239&p=medianet-business8-pp&r=99&tvi48=10637&tvi50=13315&lti=deflated&ppb=CLAB&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=717836a8dab759f85cf0bebe0efe10ea&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~-2811325521041462439~~UJSSq6kXm5lsmJrSwxCfO38jlIkNT_-WqXgJSw-9YQN9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXzll8U7U8fxWpPkiBRjEp7GeRFEOk0jjRNjAYU-cpX63PpIVT2M9jqnc4uM7uXYM8CPty428XVfgjc-OnjEeXGBp_S0ig87w5lOV3QycS3MEQ&pt=text&li=rbox-t2v&sig=cfb96186967a63a3d2ac1c6a005221dd217cfd8a0251&redir=https%3A%2F%2Feu-play.sunrisevillagegame.com%2F%3Fref%3Dtab_de_ch%26clickid%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEotLaPjM-zidHsAQ%26external_param%3D3831572975%26pid%3Dpalmate-bg3co%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F7a150605b3e37013a291c9475cdcd069.jpeg%26tblci%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEotLaPjM-zidHsAQ%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDuzWEotLaPjM-zidHsAQ&vi=1698873179239&p=innogames-sunrisevillage-desktop&r=64&tvi48=10637&tvi50=13315&lti=deflated&ppb=CLAB&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Weiterlesen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=5b95e85cd8d93540a809c2fd0540f732&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~-6020094844931346236~~9gZt6pLO9fYamzLXiAiJlBbzMl-GnG_ADrirpn4G9lx9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15Lu2p_FapL58U7V-zQVIzMQ9r6inXNiU0xgeu9DTjqeim6c-n9v_EKnUJWUIcRxLSqxk6lYXH7GB_5r5upFndXUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=2c8ca8804c671b1ec06aa574383ed589a6af48e98649&redir=https%3A%2F%2Fshipping-container-ch.com%3Fsub1%3D26895398---delimjuwe---3723198687%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDGtGEohbC82J7r9PbcAQ%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DOberwil%2BBei%2BZug%253A%2BUnverkaufte%2BContainerh%25C3%25A4user%2Bzum%2BVerkauf%2Bf%25C3%25BCr%2Bfast%2Bnichts%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECDGtGEohbC82J7r9PbcAQ&vi=1698873179239&p=ajaskagmbh-search-sedo-shippingcontainerhomes-sc&r=36&tvi48=10637&tvi50=13315&lti=deflated&ppb=CO8C&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=5b95e85cd8d93540a809c2fd0540f732&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~7155644403688388499~~3RLofXRUrabmHNnsQHbw7ViUB4wd41WTX6P3wQe6X-tyNpbgedRdYuhjTdtdbeHkn1OV0paklJAyh655pQ0hZw3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bQN_jleqAY81pi6nHy58B_E2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=0f5c786848fa48613e3e2279fa99411fa2bc06517bf7&redir=https%3A%2F%2F3sqszq.pzzqvpjlfkbmb.com%3Fsubid1%3D28107771%26subid2%3D3791784258%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wov5vGk7CS6MKUAQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNeue%2BSeniorenwohnungen%2Bin%2BOberwil%2BBei%2BZug%2B%2528Sehen%2BSie%2Bsich%2Bdie%2BPreise%2Ban%2529%26click_id%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wov5vGk7CS6MKUAQ%26dpco%3D1%26tblci%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wov5vGk7CS6MKUAQ%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCc01wov5vGk7CS6MKUAQ&vi=1698873179239&p=happystory-search-seniorlivingdach&r=30&tvi48=10637&tvi50=13315&lti=deflated&ppb=CO8C&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ri=92023631c606977b05769f6c933af44b&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&it=text&ii=~~V1~~3775423760314731543~~U2M_1RjJzVP-NPX1sfFqdFle9H31A3fsRcT7zQgYxi3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnN46e0yWhAjAgMYkTMr2wN7V0zoc5jf9v2r3RZ1m3jDz6loRR5m6NJiN8DS-5nRmsTS8Maux2jWC1gRU3nx5A7mTz7RJrna_FhEtrqIV2thboYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=1c9e46e2766100f2d3857a39fe7959186499cde40ddc&redir=https%3A%2F%2Fliposuction2023-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DBauchfettentfernung%2Bohne%2BOperation%2Bim%2BJahr%2B2023%253A%2BDer%2BPreis%2Bk%25C3%25B6nnte%2BSie%2B%25C3%25BCberraschen%26sub1%3D29224517%26sub2%3Dpalmate-bg3co%26sub3%3D2023-11-01%2B21%253A12%253A59%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1so5MO7yND99bXlAQ%26kw1%3Dkompressionsw%C3%A4sche%20nach%20liposuktion%26kw2%3Dfettabsaugung%20und%20bauchstraffung%26kw3%3Dbauchstraffung%20und%20fettabsaugung%26kw4%3Dbauchdeckenstraffung%20mit%20fettabsaugung%26kw5%3Dnacken%20fettabsaugen%26kw6%3Dfettabsaugung%20m%C3%A4nnerbrust%20kosten%26kw7%3Dm%C3%A4nnerbrust%20fettabsaugung%20kosten%26kw8%3Dfettabsaugung%0A%23tblciGiDBtN2CkKaGg9uDuPGL_tNqKGgDXqadJrttgyk8pXQxECCx-1so5MO7yND99bXlAQ&vi=1698873179239&p=medianet-business8-pp&r=35&tvi48=10637&tvi50=13315&lti=deflated&ppb=CLcG&cpb=EhIyMDIzMTEwMS01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NziA2KLjBUCy0A1Iz4gQUOrb2QNY____________AWMI0DcQjVMYMGRjCMtOEINoGDJkYwjXFhDVHxgjZGMIyi4QkT4YM2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI_0YQjGYYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAHJgoxJkAEcmAGf-e3luDE&cta=true
Title: Jetzt Suchen

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 64

https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=bg3.co HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_pre=CPe8nuPbo4IDFbeZgwcdweINgg;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=bg3.co

Request Chain 150

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 151

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/132a2e82-afe1-3147-823d-310b47a4c838?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-HWyDzsVE2oVz7EiPoDlqLJBTv_6db6c_m3SgYRI-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 162

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=8e4042cf-3b30-4eb8-bdf1-df61fcd33821&p_id=23

Request Chain 163

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=83307315-4321-433f-9706-e2c16a4eb6a2&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=83307315-4321-433f-9706-e2c16a4eb6a2&gdpr=0&gdpr_consent= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-j7S2RKtgJ9PKvLra9127h3f8wfwq4clmnsn0ew&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&p_id=15

Request Chain 175

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LOG987LT-25-I9YM&gdpr=0

Request Chain 176

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9082381977519593646

Request Chain 177

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0

Request Chain 179

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4y7hBQSo59x5P-LiTzoWNNawyAy23mNsQ

Request Chain 180

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=6039177356785482220

Request Chain 182

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dww_mkQ0CzQ42PQlQTZnr9iWSDIesWJGqEHTkYZTlDw

Request Chain 183

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlBNEE2OTgtODI0Qy00NjQ2LUE0MTAtQjM3MkU2QzkwQzlG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=89A4A698-824C-4646-A410-B372E6C90C9F

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Request Chain 185

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Request Chain 187

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&google_hm=ZjRkZTJhYjEtYTVlMi00NWM0LTkwZWYtMWEzNjIzOGVmYmZk HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHkmCKvtd75Te7xMLjWhWKI&google_cver=1&ssp=onetag&bsw_param=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=&gdpr_consent=&us_privacy=

Request Chain 188

https://ad.mox.tv/delivery/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5

Request Chain 193

https://pr-bh.ybp.yahoo.com/sync/taboola/8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-a0BOIzZE2oT4peiLqf2PbJnUzjBPyG1BFnyFhg--~A

Request Chain 225

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOG987LT-25-I9YM HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOG987LT-25-I9YM HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 235

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/m8ybShHgq3prw5B9nY5HL8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4zFT0iFE2oK5LaoVe89pld8pH0HLbWmogpdgnA--~A

Request Chain 236

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hOWyPdbITRGogdx094B2NA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hOWyPdbITRGogdx094B2NA

Request Chain 237

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=C_i8PgMFQP-xA5x9i6jj1Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C_i8PgMFQP-xA5x9i6jj1Q

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN4zvdFPACMHfwl3Q2Fh6T4&google_cver=1

Request Chain 240

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG987LT-25-I9YM

Request Chain 241

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjU4MjY3NDY4OTFjZjQ3NGIwYTEwY2JmZTQ0YjcyMDBmN2E2YjQ5NQ

Request Chain 242

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9HOTg3TFQtMjUtSTlZTQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJEq2LhW2UOi3ZNBowQQV0Y&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HOTg3TFQtMjUtSTlZTQ==&google_push=

Request Chain 243

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHxX07KhX8AABmFZFEu2g&expires=30

Request Chain 244

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG987LT-25-I9YM

Request Chain 245

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LOG987LT-25-I9YM

Request Chain 246

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LOG987LT-25-I9YM

Request Chain 247

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed&expires=30

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG987LT-25-I9YM

Request Chain 249

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG987LT-25-I9YM&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG987LT-25-I9YM&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sX0FJdGR0RTJ1SFJyZHRBYmQ2ZDBDOS4yazFUYTZRcn5B&ovsid=LOG987LT-25-I9YM&dpid=58160

Request Chain 250

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 254

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698873182&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698873181770&bpp=219&bdt=1419&idt=652&shv=r20231031&mjsv=m202310260102&ptt=5&saldr=sd&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&correlator=2563004335882&frm=23&ife=1&pv=2&ga_vid=990439440.1698873180&ga_sid=1698873182&ga_hid=59071842&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2590&biw=1600&bih=1200&isw=336&ish=280&ifk=867058706&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079080%2C31079231%2C31079265%2C44805934%2C44806500%2C44807047%2C31078301%2C44806140%2C31079295&oid=2&pvsid=3200311473196975&tmod=1418204801&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3r5gj0c08xtv&btvi=1&fsb=1&dtd=669 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 300

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 317

https://adpushup-d.openx.net/w/1.0/pd HTTP 302
https://adpushup-d.openx.net/w/1.0/pd?cc=1

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Request Chain 331

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 333

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UfG9xwWivJFK8bqXAfekkASivsxKprCRVPz77BoI

Request Chain 334

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=182588496478409544

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPpEmAS69roWlS2lntGwvw&google_cver=1

Request Chain 344

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 349

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=9082381977519593646

Request Chain 350

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=Hld5tRZHua57zQTCS_662DaY

Request Chain 352

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698873184588 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5414781017

Request Chain 353

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5133329528540586183

Request Chain 354

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=780f92b3-7bcd-42e6-8492-8bc9323b2eba

Request Chain 355

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 356

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Request Chain 357

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcyAhIeOAE= HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=780f92b3-7bcd-42e6-8492-8bc9323b2eba&r=Cid1YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcyAhIeOAE= HTTP 302
https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcyAhIeOAI=%26gdpr%3D%26gdpr_consent%3D

Request Chain 358

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Request Chain 360

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 363

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f98f3832845a47308c26b259597af26f HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ

Request Chain 364

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_vpHHTmpb1Wlve4AIv9-g&google_cver=1

Request Chain 365

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUK-YJeMT3hZvs28dQE4tQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1

Request Chain 367

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784

Request Chain 368

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pvZnrF-_W0NfTJ_nYYEzpVxorN4

Request Chain 369

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183

Request Chain 372

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=faab4fd88b5d437b80f25955c3cd3ca9 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ

Request Chain 373

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9082381977519593646

Request Chain 375

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BDdonlBkacgfN2_OVDFxyVFka5UfYGXIATpYUy4e

Request Chain 376

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784

Request Chain 377

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUK-YJeMT3hZvs28dQE4tQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1

Request Chain 378

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=KaZd63skxb0GtgvTj00K&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1

Request Chain 379

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Request Chain 386

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Request Chain 396

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzOTE3NzM1Njc4NTQ4MjIyMA==&gdpr=0&gdpr_consent=

Request Chain 397

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8c8d287969ac5457d0d9aec40fb53c9f&gdpr=0&gdpr_consent=0

Request Chain 398

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7296604765358127262&gdpr=0&gdpr_consent=

Request Chain 399

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=182588496478409544&gdpr=0&gdpr_consent=

Request Chain 402

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=9082381977519593646

Request Chain 403

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8deb4f18-f5e8-4f66-a3a5-161204b4f137&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2

Request Chain 404

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=85fccf37-cb5e-041b-133b-7d4f9837421f

Request Chain 405

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-a6f667ac-5fbf-5b43-5f4c-9fe7618133a5$ip$92.104.172.222

Request Chain 406

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-ADR8rlpE2pfew1iIlZgAzFAGO.KaUEgWROYs~A

Request Chain 407

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed

Request Chain 410

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=1NL9r9xtqS3E&ev=1&pid=558355

Request Chain 411

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=6039177356785482220

Request Chain 416

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=182588496478409544&gdpr=0&gdpr_consent=

Request Chain 420

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZUK-YcCo8YkAADt0qSEAAAAA

Request Chain 421

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=KaZd63skxb0GtgvTj00K&pi=gumgum

Request Chain 422

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=faeccde1-0d8d-4947-8120-1zz1698873170 HTTP 302
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=0&gdpr_consent=&us_ps=

Request Chain 423

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 424

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3974510677

Request Chain 429

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Request Chain 437

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/182588496478409544

Request Chain 441

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 443

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=olnxhfYK8NO5WfbV8l_o0vcK8o65DvzTp1TPlIYQ

Request Chain 444

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9082381977519593646&gdpr=0&gdpr_consent=

Request Chain 445

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296604765358127262&gdpr=0&gdpr_consent=

Request Chain 446

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent=

Request Chain 447

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pvZnrF-_W0NfTJ_nYYEzpVxorN4&gdpr=0&gdpr_consent=

Request Chain 450

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIeFgwN0toWDhBQUJtRlpGRXUyZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAHxX07KhX8AABmFZFEu2g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6039177356785482220&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAHxX07KhX8AABmFZFEu2g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6039177356785482220%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6039177356785482220&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHxX07KhX8AABmFZFEu2g&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHxX07KhX8AABmFZFEu2g&gdpr=0&gdpr_consent=

Request Chain 452

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

Request Chain 456

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528540586183

Request Chain 462

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iaSmmIJMRkakELNy5skMnw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 466

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOdI8s4omdvIFzHFt5tLKBQ&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=89A4A698-824C-4646-A410-B372E6C90C9F

Request Chain 468

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=182588496478409544

Request Chain 471

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A4A698-824C-4646-A410-B372E6C90C9F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d9dlszBE2uWS1CTNjwBTuGhUS9cysPs-~A&gdpr=0

Request Chain 478

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0

Request Chain 479

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Request Chain 483

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ebc85f533c9d632183c577ab35615af?gdpr_consent=&gdpr=0

Request Chain 486

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=eb988943-9cd9-0319-0cd8-74551064c9bc

Request Chain 487

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUK-YJeMT3hZvs28dQE4tQAA%262183

Request Chain 488

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1691545596467370771006

Request Chain 489

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Request Chain 490

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8c8d287969ac5457d0d9aec40fb53c9f

Request Chain 491

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

Request Chain 498

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOG987LT-25-I9YM HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LOG987LT-25-I9YM

536 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html Show response
www.bg3.co/a/ 61 KB
18 KB 2568ms
1457ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf09a09ae0571cec3214c2dac116b6fc4f57b24a57b24f330e708add9537b135

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 Nov 2023 21:12:58 GMT
etag: "f2c6-dcnzjT0/jyOMFJzS8jB2vpNMrhw"
expires: Wed, 01 Nov 2023 21:13:58 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 764ms
48ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73131
x-xss-protection: 0
server: sffe
etag: "8cd1ce497f4c5169"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Nov 2023 21:12:59 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 778ms
63ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9636
x-xss-protection: 0
server: sffe
etag: "8e4fe4ecd2caf064"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Nov 2023 21:12:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 827ms
133ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2de8f040ffb3eb8abc9aa44e7a58f57f0f1d4e28ca22708c06a4c9f937dcdda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29968
x-xss-protection: 0
server: cafe
etag: 519 / 19662 / 31079210 / config-hash: 12744499585952903359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:12:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 747ms
54ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5df6a1ccc00e4d3115da32812f17929b9e0107d74ba0efb942282a9455d2af19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 21:12:59 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 120ms
48ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 16:20:51 GMT
server: cloudflare
age: 16654
etag: W/"65412963-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81f723968cca0d57-MXP
expires: Thu, 02 Nov 2023 04:35:24 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 39 KB
11 KB 170ms
41ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: 79435c78f5700a51da5339350b2c640153fcb817d0a7d328b5a53dd3f71252c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 01 Nov 2023 21:12:58 GMT
content-encoding: br
age: 43606
x-cache: HIT
x-client-device: desktop
content-length: 10736
x-ap-device: DESKTOP
last-modified: Wed, 01 Nov 2023 06:59:44 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Wed, 01 Nov 2023 22:12:58 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 710 KB
146 KB 172ms
42ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC5) /
Resource Hash: e21829c72e2ada8216248741b7f6e22ee5cdf20efe5a3827ce74833f22379831

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 01 Nov 2023 21:12:58 GMT
content-encoding: br
age: 43606
x-cache: HIT
x-client-device: desktop
content-length: 149535
x-ap-device: DESKTOP
last-modified: Wed, 01 Nov 2023 05:41:51 GMT
server: ECAcc (frc/4CC5)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Wed, 01 Nov 2023 22:12:58 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 574 KB
55 KB 109ms
31ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22186fe088f107b1b9cf8df09648855ec0ff2a229562aa3ea2105074245f64e4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9yWBe0cYrKEwvLXxauOxhAz34cwggtp7
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:58 GMT
x-amz-request-id: PVSW9Z3F3RTN91FY
age: 81
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 55396
x-amz-id-2: qm7sgMUNSEREF1/jEgB5o/I9q4r5gDGOlx2OHuNK/TNc3WfmpuMA+1gqUl0MOd/bVC9SJtmc98E=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 11:44:33 GMT
server: AmazonS3
x-timer: S1698873179.656286,VS0,VE1
etag: "f146a40917f9039abfb16f32adf97ac6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

450ms
52ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13728
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtLt2naugZkbtrR%2BJnKvw82j%2FbaXsq8ndwFtuak6yGgqrZdCPe2LcGcIUKpLa4iRxHb%2FhywAFPN229O5HNHMpQpUJg0eV8qpKrVu4xlRDba6y%2BNCBXUhd6r6k5Rvnza71w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 81f7239ead930de8-MXP

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
568 B 471ms
463ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=55F9506901644F46BD48FBF78407BF93&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&t=21%E6%AD%B2%E5%AB%A9%E5%A6%B9%E8%AA%86%E3%80%8C%E5%BF%83%E8%87%9F%E9%BA%BB%E7%97%B9%E8%B3%9C%E6%AD%BB%E8%80%81%E6%AF%8D%E3%80%8D%E3%80%80%E5%A4%A7%E5%8F%94%E7%94%B7%E5%8F%8B%E4%B8%8D%E6%8D%A8%E8%B2%B8%E6%AC%BE%E7%8B%82%E5%80%9F%E5%A5%B9805%E8%90%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2728&sc_rum_e_e=2734&sc_rum_f_s=0&sc_rum_f_e=2724&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 81f723970d330d57-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl.20231101-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 816 KB
169 KB 44ms
44ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 43260b3e830dc7e16eaf0554d00f15020357d9c13e553978034d878850cb763e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ue0v9oXRWcKpSMc7zNMS9p_qfLSU1fty
content-encoding: br
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:58 GMT
x-amz-request-id: 9DGHW7SWXQQCHD4G
age: 11022
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172851
x-amz-id-2: dVTYrwpbmY+JC8r8m8OxG666xKnDChvOsjbmrT7HV5B8fvG0iIXVJS7ErN5Dk3pHDs63wBhE7cI=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:44 GMT
server: AmazonS3-br
x-timer: S1698873179.764127,VS0,VE0
etag: "f765887f860a79098a8980da5a30f3fd"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 49569

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 511ms
30ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4072548
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-fra-eddf8230104-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698873179.256688,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44, 14325

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 77ms
30ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3635079
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230104-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698873179.256684,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 723177

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 485ms
91ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 249808
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 75 KB
17 KB 368ms
361ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=22%3A12%3A59.242&lti=deflated&data=%7B%22id%22%3A18%2C%22ii%22%3A%22%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698839064533%2C%22vi%22%3A1698873179239%2C%22cv%22%3A%2220231101-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html%22%2C%22vpi%22%3A%22%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3481%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2328.6875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da091d798aecdf6b4121bd1631f8c90b8b7f06476821fd9b476134148b40f657

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 331
date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.65625
x-fastly-to-nlb-rtt: 59078
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230060-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1698873179.259606,VS0,VE331
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
795 B 38ms
38ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1698873179305
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:12:59 GMT
date: Wed, 01 Nov 2023 21:12:59 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 6603455
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 39ms
38ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8C) /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: br
age: 4159796
x-cache: HIT
x-client-device: desktop
content-length: 122286
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: ECAcc (frc/4C8C)
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 21:12:59 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
311 B 32ms
30ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: br
age: 5046998
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (frc/4CD4)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 21:12:59 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 32ms
31ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D07) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 01 Nov 2023 21:12:59 GMT
content-encoding: br
age: 4159795
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (frc/4D07)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 21:12:59 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
318 B 173ms
52ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg4NzMxNzkzNjUsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmMDRmNjktNjFlMS00NjZjLWI1ODQtNWJjZDFlMTM4MWE1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIxc3VpLW5lbi1tZWkta3VhbmcteGluLXphbmctbWEtYmktc2ktc2ktbGFvLW11LWRhLXNodS1uYW4teW91LWJ1LXNoZS1kYWkta3Vhbi1rdWFuZy1qaWUtdGEtODA1bW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3399.199996948242
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
364 B 174ms
54ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 48ms
47ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg4NzMxNzk1MTgsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmMDRmNjktNjFlMS00NjZjLWI1ODQtNWJjZDFlMTM4MWE1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIxc3VpLW5lbi1tZWkta3VhbmcteGluLXphbmctbWEtYmktc2ktc2ktbGFvLW11LWRhLXNodS1uYW4teW91LWJ1LXNoZS1kYWkta3Vhbi1rdWFuZy1qaWUtdGEtODA1bW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3551.3999938964844
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 49ms
48ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg4NzMxNzk1MjQsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmMDRmNjktNjFlMS00NjZjLWI1ODQtNWJjZDFlMTM4MWE1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIxc3VpLW5lbi1tZWkta3VhbmcteGluLXphbmctbWEtYmktc2ktc2ktbGFvLW11LWRhLXNodS1uYW4teW91LWJ1LXNoZS1kYWkta3Vhbi1rdWFuZy1qaWUtdGEtODA1bW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3557.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 49ms
49ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg4NzMxNzk1MjUsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmMDRmNjktNjFlMS00NjZjLWI1ODQtNWJjZDFlMTM4MWE1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIxc3VpLW5lbi1tZWkta3VhbmcteGluLXphbmctbWEtYmktc2ktc2ktbGFvLW11LWRhLXNodS1uYW4teW91LWJ1LXNoZS1kYWkta3Vhbi1rdWFuZy1qaWUtdGEtODA1bW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3558.199996948242
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ 422 KB
132 KB 33ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24353
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135432
x-xss-protection: 0
server: cafe
etag: 13870563710225165476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 14:27:06 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 71ms
70ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg4NzMxNzk1MTgsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmMDRmNjktNjFlMS00NjZjLWI1ODQtNWJjZDFlMTM4MWE1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIxc3VpLW5lbi1tZWkta3VhbmcteGluLXphbmctbWEtYmktc2ktc2ktbGFvLW11LWRhLXNodS1uYW4teW91LWJ1LXNoZS1kYWkta3Vhbi1rdWFuZy1qaWUtdGEtODA1bW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3652
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET 34ad872f936ac3195c76ca11bdb36f8b.jpg
static.bg3.co/imgs/202106/ 0
0

GET 26ba2f577b80138b02604e48da69b85a.jpg
static.bg3.co/imgs/202309/ 0
0

GET 768ba272928638cac8f1cfb054a2c025.jpg
static.bg3.co/imgs/202105/ 0
0

GET 059937bbbdb7d978bffeff211cd8b229.jpg
static.bg3.co/imgs/202105/ 0
0

GET aa6a18e292d60aa1ff4276a69027ca86.jpg
static.bg3.co/imgs/202106/ 0
0

GET f8dfa843ba10309ff4a91556ffaba5c8.jpg
static.bg3.co/imgs/202309/ 0
0

GET ebbc89535129b885863dce6863078b8b.jpg
static.bg3.co/imgs/202109/ 0
0

GET 6ab949e4fb3c5efaf284f3708744ead6.jpg
static.bg3.co/imgs/202105/ 0
0

GET e21e9f88e8cc9b15759df3d8a44ea262.jpg
static.bg3.co/imgs/202112/ 0
0

GET 8a7fb52946b738e72a5907753acec142.jpg
static.bg3.co/imgs/202106/ 0
0

GET cd51288fc9ac4d0f784b7be913598f15.jpg
static.bg3.co/imgs/202106/ 0
0

GET 555798bb631d0b15c89c4b6f523b8f12.jpg
static.bg3.co/imgs/202105/ 0
0

GET 287f74b24fa69873e1d8fce073d60db0.jpg
static.bg3.co/imgs/202105/ 0
0

GET 390a3b07cda805a6f6116c577da5c960.jpg
static.bg3.co/imgs/202109/ 0
0

GET b98351aa48a2dfd4146814a8e21ad376.jpg
static.bg3.co/imgs/202106/ 0
0

GET 701baec5a8c451f22ca41521030c2a89.jpg
static.bg3.co/imgs/202105/ 0
0

GET fbaa51ee881818942f21545618699029.jpg
static.bg3.co/imgs/202106/ 0
0

GET 51b2e11a912aef21ac9377830d57173d.jpg
static.bg3.co/imgs/202203/ 0
0

GET f1eada2db86c6b7821284a76d91bae17.jpg
static.bg3.co/imgs/202106/ 0
0

GET 629664d6596df3cdc79a1ff398ff4439.jpg
static.bg3.co/imgs/202105/ 0
0

GET f98a5769ff46e0c9c48faf40721fc551.jpg
static.bg3.co/imgs/202105/ 0
0

GET 57714d4a7caa6836e66714ce48027f2c.jpg
static.bg3.co/imgs/202201/ 0
0

GET 53ad4970757707302f365d963eb9bdc3.jpg
static.bg3.co/imgs/202112/ 0
0

GET 0f67e04ac5347f9222872009af3002fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5bf7f968df5c7552b82a3cca047740e0.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310201815000/v0/ 8 KB
4 KB 518ms
47ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:16:15 GMT
age: 97005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "4ca4ccf1afd64d82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:16:15 GMT

GET
H2 200 floating-unit.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 52ms
51ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9449c208764410105ecea33f69c192c31749f478ee3b2bdc63351f0a51918307

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: b9o_tyrkWAv3G0zqcM7mlnP2lsK1N5_5
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: QW6C7N7V24HDWYV5
age: 39740
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2493
x-amz-id-2: m2OZeZ02rysSvZa339W9TdqeRUsmhHuZ1e12fZ8qTN6FUK3ZlQjM8zhvhqyTGsQA93p8thn12cA=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:59 GMT
server: AmazonS3
x-timer: S1698873180.689068,VS0,VE0
etag: "3b05241d280895da6f4520fb1b60b9b7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12502

GET
H2 200 taboola-vignette-new-scanning.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 67ms
67ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7947fc706e3055b205951a22bef2655cde781df401c18942e49496a8f5647c3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ij57uDg8YKlfWxOwEFHfeOvtVDjEMfQQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: 4FZ9006W981TPZNK
age: 39708
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 8019
x-amz-id-2: D6GeNarTkqPXyW9vkb51eTkVlEIZQvbWQEWaM2K17gRyh76hsOEiKjoH4fqV7GSMi/ugQJK3zPk=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:40 GMT
server: AmazonS3
x-timer: S1698873180.702175,VS0,VE0
etag: "1da083932193c34f1291c9079d8d77aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 7
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10156

GET
H2 200 distance-from-article.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 44ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09786c41a3905cd2436a020cad81c09334bb3f2012b4da70012edc55f427592a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gLNsfNgacyLkU8LtFMgU_XgupRwyV_uL
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: S7VPGXTX45ET4WNQ
age: 39819
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1132
x-amz-id-2: sOKwwQqahVCBbY/gEYciLXAaNCMukY8Hy6Oq3Dhg6/RDxySXs5ZKvEPQhS37LKvwMxSlsn0YBg4=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:01:10 GMT
server: AmazonS3
x-timer: S1698873180.713583,VS0,VE0
etag: "3f59a1f7704ebf16208cead0458ddb7b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 125278

GET
H2 200 article-detection.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 44ms
44ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5e3738508aaf0c8fea2bd8b9ce4d1b0ae76dec5b43eb0f75d69f83f4d9e3b14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3Ocvm0RbHaSqpRgv.PsJIWoz2ASflanV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: S7VMQ2088NXPSTMF
age: 39819
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1291
x-amz-id-2: WZn5zu52AhIpthv8H9HsctXiN63m8EspbN3mtru1g0cBp7UUxlUAbYkVf6hkWz06N7dOK8ujA+I=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:01:16 GMT
server: AmazonS3
x-timer: S1698873180.713573,VS0,VE0
etag: "6a7c58b6c1dcde6eebc1a6c34659c6c5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 125441

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.5.3/ 129 KB
35 KB 131ms
54ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b78162f8769a076a8a1b6410a6cbff12c3b09919848817de4d8d89e9fc34fd5

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:12:59 GMT
via: 1.1 0c249abd36bc8d7e9154dd60b0cf8244.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MAA51-C1
age: 129552
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34965
x-served-by: cache-fra-eddf8230039-FRA
last-modified: Tue, 31 Oct 2023 09:12:39 GMT
server: AmazonS3
x-timer: S1698873180.786768,VS0,VE0
etag: "0503214c6184856a0b13f502bcc057a6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 4oygbkeban_qYoUl6bCDpMrEy4Bg8XZ0_Jrfs8JaoGw-ufP7029nTQ==
x-cache-hits: 23563

GET
H2 200 feed-card-placeholder.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 40ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c053e6b00b68319676e77fb4d0a5456a90bdec49848eb46a84f380aeb3ba3646

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: W86EZveeSoLd8RcwYHmcH8Pxx0z7T1U1
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: S7VXECKTA7HT87F5
age: 39819
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: 9xrbS8L9HK+iyFnHb0e15pa2amrvPL4peeFewr63JlzgY1cKVIqRpwD9w441Hm83HbzMh4AER+QXFsfNderkcA==
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:01:04 GMT
server: AmazonS3
x-timer: S1698873180.713555,VS0,VE0
etag: "7f9270c67f80771519e4969f44f8d453"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 109720

GET
H2 200 userx.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 37ms
36ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d01485edc889f10ce5f17056301e09569f8e893bba2c306bde9f788119343cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7rzOjVxN4IhTY7uCO5DC9pJyJbS3BBsC
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: 3FHRR4EAT4T9Q4K3
age: 39800
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: 57Xk1MHiGrk2fjaTvJFIT27py0CcIkbuOk0ZuWIMpm/g57ScGaQ09NviBqWgyuj0mnXu3XRO86s=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:37 GMT
server: AmazonS3
x-timer: S1698873180.716640,VS0,VE0
etag: "c646e0ba29eae5c4d5cf35a5e15a39b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 28061

GET
H2 200 explore-more.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 36ms
36ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ad95379d595faee7a63f9159604939a91a8b672cc963fdb20d34e4eea87b836

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TswxY6.f9EGkcJ12j70MzBZCCv3vcrvx
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: S7VWX19EMAKHHTRC
age: 39819
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7706
x-amz-id-2: ojy2D11An7hafWnQb2Jc2mA8iTAiDOZRbpzViJLkYZ/j2IqCMmnMHFhnsMiOXjjLwV2DFTRpeFSsC1CIIlWQhg==
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:01:06 GMT
server: AmazonS3
x-timer: S1698873180.732041,VS0,VE0
etag: "0735712c7751feb36a3c542a844a1e26"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 58037

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 330ms
93ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=22%3A12%3A59.660&id=4073&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 331ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1698873179661%7D&tim=22%3A12%3A59.662&id=4282&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 331ms
95ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698873179684%7D&tim=22%3A12%3A59.685&id=7559&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK 1x1.b
ptz2.holaislascanarias.com/dynview/holaislascanarias-com/ 111 B
1 KB 175ms
55ms Image
image/png 109.232.194.27
EULERIAN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ptz2.holaislascanarias.com/dynview/holaislascanarias-com/1x1.b?ead-publisher=Sunmedia&ead-name=Sunmedia_Naturaleza2023-Cultura_Naturaleza_Suiza_DE_Islas_Native_Descubriendo_0_0_0_0_0_0&ead-location=ROS-1X1&ead-creative=Native-1X1&ead-creativetype=Native&ead-mediaplan=naturaleza2023&ea-rnd=[RANDOM]

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.232.194.27 , France, ASN50234 (EULERIAN-AS, FR),

Reverse DNS

ato.eulerian.net

Software

EWS /

Resource Hash

0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date: Wed, 01 Nov 2023 21:12:59 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Server: EWS
Content-Type: image/png
Cache-Control: max-age=0, private
Connection: Close
Accept-Ranges: none
X-Robots-Tag: noindex
Content-Length: 111
X-XSS-Protection: 0

GET
H2

200

B30790062.378069976;dc_pre=CPe8nuPbo4IDFbeZgwcdweINgg;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc...
ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_pre=CPe8nuPbo4IDFbeZgwcdweINgg;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_...

43 B
119 B

51ms
50ms

Image
image/gif

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_pre=CPe8nuPbo4IDFbeZgwcdweINgg;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=bg3.co

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N273801.3298660SUNMEDIA/B30790062.378069976;dc_pre=CPe8nuPbo4IDFbeZgwcdweINgg;dc_trk_aid=569024626;dc_trk_cid=187116014;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=bg3.co
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 329ms
94ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A12%3A59.721&id=6391&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 327ms
92ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A59.726&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=4310&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49740

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 326ms
91ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A59.728&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=605&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49740

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
128ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A59.735&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4845&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49156

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 131ms
129ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A59.737&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4146&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49156

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 131ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A12%3A59.744&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7650&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 49156

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 36ms
35ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:12:59 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 81
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1698873180.759478,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 72
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 114

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310201815000/v0/ 12 KB
4 KB 369ms
49ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-18-196-182-172.eu-central-1.compute.amazonaws.com

Software

sffe /

Resource Hash

0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:16:15 GMT
age: 97005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3941
x-xss-protection: 0
server: sffe
etag: "aef77be21ea5e253"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:16:15 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 678ms
103ms Script
application/javascript 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 08 Nov 2023 21:13:00 GMT

GET
H2 200 1366589489__kvVmJZIn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 39 KB
40 KB 46ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c587795383747f5c6c263407f157be7997713f62494378ce99b190802d480d48

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:12:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
age: 783761
edge-cache-tag: 592199345752557595243972709386452314669,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 592199345752557595243972709386452314669,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1982
req-referer: https://www.weather25.com/
content-length: 39790
x-request-id: d560c0d9b7bc463b1bcdf5ba793a2d3c
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kiad7000174-IAD, cache-lga21924-LGA, cache-iad-kiad7000131-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 23 Oct 2023 08:41:40 GMT
server: nginx
surrogate-reporting: width=1886,height=1415,bytes=119134,owidth=2119,oheight=1415,obytes=1007917
x-timer: S1698873180.930886,VS0,VE1
etag: "ead8d193f838291ec800b548744253d0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 1366589489__kvVmJZIn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 18 KB
18 KB 61ms
60ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06dd22b70975165efb50fc7c3ef752d751e2cc81da8d28c5f5cb84580afc5afa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 01 Nov 2023 21:12:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
age: 803446
edge-cache-tag: 592199345752557595243972709386452314669,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 592199345752557595243972709386452314669,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 685
req-referer: https://news.walla.co.il/
content-length: 18144
x-request-id: 3fe3cc583b5305a3ac57e70794b0931f
x-backend-name: LA_nlb203
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kcgs7200131-IAD, cache-lax10647-LGB, cache-iad-kiad7000033-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 23 Oct 2023 08:41:40 GMT
server: nginx
surrogate-reporting: width=920,height=460,bytes=32702,owidth=2119,oheight=1415,obytes=1007917
x-timer: S1698873180.972049,VS0,VE0
etag: "6893e5d4750e656cbcf1d7e51dfac008"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 418

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 89ms
88ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:12:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 2574720
edge-cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 227
req-referer: https://www.witn.com/
content-length: 16422
x-request-id: 89339b3cbe998ab0ac66a9f90300ad49
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100020-IAD, cache-iad-kiad7000057-IAD, cache-iad-kjyo7100167-IAD, cache-fra-eddf8230060-FRA
last-modified: Wed, 13 Sep 2023 19:24:41 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=33477,owidth=1344,oheight=896,obytes=1243876
x-timer: S1698873180.995142,VS0,VE1
etag: "ff39c8a01202a06ef26c0143701091ae"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 215, 1

GET
H2 200 efc67e9f1b620f8b95e26cdf50c14d92.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 69ms
68ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efc67e9f1b620f8b95e26cdf50c14d92.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9af3ab0a36366c1f7e2ef4dab217d5c8ca6411888f0d8aa27a97ceaf45c8c13d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efc67e9f1b620f8b95e26cdf50c14d92.jpg
age: 3151484
edge-cache-tag: 339327657250132961697542083500157117311,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 339327657250132961697542083500157117311,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 343
expiration: expiry-date="Mon, 09 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wapa.tv/
content-length: 31674
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kjyo7100126-IAD, cache-sna10736-LGB, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230060-FRA
last-modified: Fri, 08 Sep 2023 18:26:10 GMT
server: nginx
surrogate-reporting: width=460,height=256,owidth=1024,oheight=683,obytes=192697
x-timer: S1698873180.013941,VS0,VE1
etag: "a7b0a30ee74c969cf850e64fa446ea53"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1028, 1

GET
H2 200 7a150605b3e37013a291c9475cdcd069.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
50 KB 121ms
104ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 548abf202e1fd5c5d47f038dd72b82e16b8121f274ae2411e4c169dc023a087f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
age: 2571834
edge-cache-tag: 366941925163645809873903514280414537940,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366941925163645809873903514280414537940,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 271
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 50330
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kiad7000023-IAD, cache-iad-kcgs7200062-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 28 Aug 2023 15:11:09 GMT
server: nginx
surrogate-reporting: width=1200,height=600,owidth=1200,oheight=628,obytes=606914
x-timer: S1698873180.149313,VS0,VE1
etag: "ad18b834d253ab08085c64a69c0d3028"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 22, 1

GET
H2 200 2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 102ms
90ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c131b7d7074657a3c6b3c78070b555c08c806b6aa112b5eb079adfedf01285db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 2858403
edge-cache-tag: 495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 115
expiration: expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.com/
content-length: 27248
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100039-IAD, cache-lga21930-LGA, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230060-FRA
last-modified: Fri, 15 Sep 2023 21:01:09 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=41106,owidth=1000,oheight=668,obytes=535178
x-timer: S1698873180.149287,VS0,VE0
etag: "4da26575e1978428f0b62597ca689e9e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 2595, 2

GET
H2 200 987965907dd345278f629121ce314eb6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 114ms
103ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/987965907dd345278f629121ce314eb6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eca1f470205e2cce43fa09686dddf0f515f638e681c5560e0714e3c4062fc830

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/987965907dd345278f629121ce314eb6.jpg
age: 811729
edge-cache-tag: 444765128350697305070358407752374301410,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 444765128350697305070358407752374301410,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 367
req-referer: https://www.gazzetta.it/Calcio/Serie-A/Juventus/storie/23-10-2023/juve-allegri-la-giacca-la-rabbia-gli-strip-e-le-urla-tutti-gli-sfoghi-piu-celebri/?refresh_ce
content-length: 9298
x-request-id: cc945c116ef642f0ab5526468fbd3dbc
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kiad7000058-IAD, cache-chi-klot8100108-CHI, cache-iad-kcgs7200066-IAD, cache-fra-eddf8230060-FRA
last-modified: Fri, 20 Oct 2023 09:47:33 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=19378,owidth=1200,oheight=627,obytes=50967
x-timer: S1698873180.149560,VS0,VE1
etag: "1d4637948422fd453b425bdcccad7103"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 13, 1

GET
H2 200 1366589489__kvVmJZIn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 20 KB
20 KB 101ms
89ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c5fe50e629ec5ccdfccbf4a3c0aaac4db5977f4e027a843fee52b644629abf4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
age: 786519
edge-cache-tag: 592199345752557595243972709386452314669,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 592199345752557595243972709386452314669,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 832
req-referer: https://rotter.net/
content-length: 20022
x-request-id: b415609a1d7e96f4dc72815d4e2d7f97
x-backend-name: US_nlb102
x-served-by: cache-iad-kjyo7100112-IAD, cache-iad-kiad7000109-IAD, cache-iad-kjyo7100050-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 23 Oct 2023 08:41:40 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=36694,owidth=2119,oheight=1415,obytes=1007917
x-timer: S1698873180.149247,VS0,VE1
etag: "b8b76817cff9587ab7b988f1773f325c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 7, 1

GET
H2 200 7a150605b3e37013a291c9475cdcd069.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
56 KB 100ms
89ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edd7283bed5b01ee072745c93343a5baca13b6409d0aa2b3a152394b72083648

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
age: 5570400
edge-cache-tag: 366941925163645809873903514280414537940,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366941925163645809873903514280414537940,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 389
req-referer: https://www.express.de/
content-length: 56354
x-request-id: bea726f0238c5a81fefe2a060fef27a7
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100128-IAD, cache-iad-kiad7000140-IAD, cache-iad-kiad7000037-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 28 Aug 2023 10:32:43 GMT
server: nginx
x-timer: S1698873180.149184,VS0,VE0
etag: "3b48b61d187f2dff4e5167146a877780"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 154, 2

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
42 KB 140ms
130ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e631720f34cdbb1bb673d53f90ae973c986f01be81a8872edd0ba75129967fed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 7
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 3577879
edge-cache-tag: 469380595437447606234874652449541692371,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 297
expiration: expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.theoaklandpress.com/
content-length: 41944
x-backend-name: CH_nlb804
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kiad7000131-IAD, cache-iad-kcgs7200070-IAD, cache-fra-eddf8230060-FRA
last-modified: Sun, 20 Aug 2023 10:18:06 GMT
server: nginx
x-timer: S1698873180.149140,VS0,VE7
etag: "bf7716b13e632f6729ca265e0367df1c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 333, 1

GET
H2 200 efc67e9f1b620f8b95e26cdf50c14d92.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 101 KB
102 KB 53ms
50ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efc67e9f1b620f8b95e26cdf50c14d92.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a55f6da8ce5e92db28d3a4b9dd01654051bd753faf9dfa049d53162633b8d50a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efc67e9f1b620f8b95e26cdf50c14d92.jpg
age: 2574114
edge-cache-tag: 339327657250132961697542083500157117311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 339327657250132961697542083500157117311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 458
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.billie.ca/
content-length: 103586
x-backend-name: LA_nlb203
x-served-by: cache-iad-kiad7000098-IAD, cache-iad-kjyo7100139-IAD, cache-bur-kbur8200040-BUR, cache-iad-kcgs7200092-IAD, cache-fra-eddf8230060-FRA
last-modified: Sat, 15 Jul 2023 18:41:12 GMT
server: nginx
x-timer: S1698873180.244884,VS0,VE3
etag: "9fd7bff3825a8e750a93fa07a174d7c2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 25, 0, 389, 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 598ms
66ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3au1v9102959953&_p=757108493&gcd=11l1l1l1l1&cid=990439440.1698873180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698873179&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=21%E6%AD%B2%E5%AB%A9%E5%A6%B9%E8%AA%86%E3%80%8C%E5%BF%83%E8%87%9F%E9%BA%BB%E7%97%B9%E8%B3%9C%E6%AD%BB%E8%80%81%E6%AF%8D%E3%80%8D%E3%80%80%E5%A4%A7%E5%8F%94%E7%94%B7%E5%8F%8B%E4%B8%8D%E6%8D%A8%E8%B2%B8%E6%AC%BE%E7%8B%82%E5%80%9F%E5%A5%B9805%E8%90%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 647ms
128ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231101

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2a34e11ebf0ce5dc89f255eaba05379c048b35c2e259f719162caf48ba2fbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18731
x-jsd-version: 1.0.1861
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-mad22071-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-vDp1B9kyqfR0sTbk/GuzmQvMMt8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGMIJIsM%2F7DILuGWInCDgAeK066ZHi8ZOBi0ETCnkx7ej%2BNSC0BatM7jKae5djoLSZk3LYhbGa%2FQ9m6ZBQL6JLSUA2IKbiLc%2B49n16tE8ti%2BqFZtz%2BxVJsjQNgGrkaPGHQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f723a2183c22bc-CDG

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 278ms
133ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81f7239fcd59bae8-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 278ms
133ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81f7239fcd5cbae8-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
684 B 276ms
134ms XHR
application/json 18.196.182.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.182.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 687ms
209ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=31619871486&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:12:59 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 402ms
265ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 5cfbf516fdb5f971e760ec903c65dac93106caaee9a7f10954fad7b7d66f2357

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:12:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 21:13:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
466 B 266ms
138ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 57be7573a21b4f22962b6ad58a6a85daab4f7bdf6a022e173aab2def6c314093

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.1.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 7 KB
3 KB 876ms
328ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0337c731-e25f-4781-ad6e-3db5eedc2dbf%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C21%E6%AD%B2%E5%AB%A9%E5%A6%B9%E8%AA%86%E3%80%8C%E5%BF%83%E8%87%9F%E9%BA%BB%E7%97%B9%E8%B3%9C%E6%AD%BB%E8%80%81%E6%AF%8D%E3%80%8D%E5%A4%A7%E5%8F%94%E7%94%B7%E5%8F%8B%E4%B8%8D%E6%8D%A8%E8%B2%B8%E6%AC%BE%E7%8B%82%E5%80%9F%E5%A5%B9805%E8%90%AC&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=7fe4398c-c2a7-41c1-8693-8b86e265de25%3B4332eb03-2604-4aaf-ba50-04cb2226b9a3&l_pb_bid_id=23bf2dba6f80c82%3B246d8b02f300cbb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7fe4398c-c2a7-41c1-8693-8b86e265de25%3B4332eb03-2604-4aaf-ba50-04cb2226b9a3&rp_maxbids=1&slots=2&rand=0.4783839687198961
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 80a81e172fa4ae77084df3be172fad9e7148540c1ef7bcf99ea0f0f5beb8cefa

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
518 B 426ms
82ms XHR
application/json 3.248.171.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-171-173.eu-west-1.compute.amazonaws.com

Software

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 1
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 14
content-length: 3
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 13 KB
6 KB 930ms
682ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29110a61b323bea9f577fb188fa7e3b9fbb204db48d32a8ac576c7b04aa8518

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NunkjW45FfctCliICTOtdCuWee5FUQ%2FkKvJb2ZGKphrlUk8ca%2BSZRMpxcWmPP9%2FG%2FWP5TNnDq7a9DhOeVbVjkU0Zeqs3xt%2BtkAAAgN4EAjuLuIGk8IJgG%2FlqUcT5%2Bg6tH7%2BLrzL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 81f723a099210219-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 373ms
126ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c41fa9c5e5ab49de003a7802c4b168b7469905780afc730b6d8b58d292a7ea

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ2jvcGRJCqdTuluM6eLp%2BAkQ3gPTQM9Vpj10q4q9BhRgzzuV4xCCldhAhsydXIfpa%2FprLC3zWs9f%2FKmR9B9Eab5D9L4aPLVO37X1ZlM5P6HarQD%2BZKuoBhokfo3Kyg439iUQ4PM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 81f723a099250219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
313 B 473ms
226ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c41fa9c5e5ab49de003a7802c4b168b7469905780afc730b6d8b58d292a7ea

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D%2Faf0CpHNxOcCPUJUoJtsCgPTHHpPRK9rDV0EqZVlixYnjL4g%2Bos2tUqEvRlPj7tykAlrBLnlG7hlWSAwkDGn80IxS%2B8yBtm0fChiK9TgjwMqC3%2Bof3AGNyY3zGXNXiMjI%2BkQo5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 81f723a099260219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 35 KB
17 KB 488ms
283ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

b07ba9eb16b26c73ca7a6aa68555958dad53dd851889bb05dc767ab91f75c76f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
an-x-request-uuid: ceaaf8e6-b19f-4862-b549-90603aa9762e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 17 KB
9 KB 590ms
239ms XHR
application/json 3.76.107.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.107.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-107-155.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fa41f15fc8fb6fa7da669949cd35f6e0a8bd48da0e80000affe2f438d21cb7ca

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 01 Nov 2023 21:13:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 9069

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 480ms
275ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 01 Nov 2023 21:13:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
244 B 338ms
102ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0e0886d6e4076f1a09c6fcd9a3010ea7a643c784aa5235d0153bad0f18bda37c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 303ms
67ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 295ms
60ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 592 B
668 B 379ms
69ms XHR
application/json 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2131
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0d7ca87f6e389a371dbcd1dd579bbdfe40bcc54e157c2f3aecde2722662bc5dd

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
274 B 311ms
47ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 29 KB
19 KB 462ms
200ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6899597093035d4936c71712cec676458c4ce29008e5f70de184f354c97517cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 19105

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 127ms
126ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4095512903409492&correlator=4374724619929484&eid=31079303%2C31079304%2C31078528%2C31079210&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698873180229&lmt=1698873180&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=990439440.1698873180&ga_sid=1698873180&ga_hid=757108493&ga_fc=true&dlt=1698873178540&idt=1557&adks=2226185566&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0178132c3b67435e853fa117712debcc0554244636668c81884dfe489343b0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12591
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
16 KB 388ms
388ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4095512903409492&correlator=964145237523793&eid=31079303%2C31079304%2C31078528%2C31079210&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698873180251&lmt=1698873180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=990439440.1698873180&ga_sid=1698873180&ga_hid=757108493&ga_fc=true&dlt=1698873178540&idt=1557&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_14_0_pv%26cluster_reporting%3Dchrome_DESKTOP_14_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39a234029feae0eed00acae82448c2e4e8a778b8b9f8b7132b2b5f5e512c8668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16185
x-xss-protection: 0
google-lineitem-id: 6393702623
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138449155092
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B28A 6 KB
3 KB 569ms
97ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:00 GMT
expires: Thu, 31 Oct 2024 21:13:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ 39 KB
13 KB 94ms
91ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl_page_level_ads.js?cb=31079210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

cafe /

Resource Hash

ee4716a6da2cb64dac712d35dac832d9f47a2f45094f6c0979ef19d8fbf6438d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38131
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: cafe
etag: 9520715235413911519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 10:37:29 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
647 B 46ms
45ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2635
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShIB%2B%2BgyzArI%2Bcu0d4EcmbXshvlGvzbgfc6m5gwwqwCB5QrR9%2BbS4D0FK%2Bz%2B7ZsXowqy8Y8J7WQGJRv0EsDxMb52O8UhXdgkW7ZVzOuN3OIRKM05pczGEU%2Ftc0IL%2Baawew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81f723a118c80de8-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 587ms
149ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ea07525bfc1af3d8f100c7ce98d537030ae3144f610d98c49461050ab433af4a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:00 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 next-up-widget.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 98ms
98ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dba6fa9ebfbcef579dfd7a36a0bcd134d9d7282bf6ae80640522a21d740d8a5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EuZg6x4xbTYcOZ7vspbJeJPLapq6PROk
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:13:00 GMT
x-amz-request-id: 0M3WK9Z5P9WMA42Z
age: 39741
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4623
x-amz-id-2: srpdCTyI90rLU00OZce2OySqXmoHfZd/mBrjaTurUscfT6O2klg8d5XD1DRam/PxiURZdu/XTbA=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:56 GMT
server: AmazonS3
x-timer: S1698873180.443823,VS0,VE0
etag: "77e773696a8370fe4c91758a6c15aa13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12185

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 118ms
117ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1876%7D%22%2C%22eventTime%22%3A1698873180414%7D&tim=22%3A13%3A00.414&id=3171&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 144ms
143ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.34375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A13%3A00.449&id=661&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 124ms
124ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A13%3A00.458&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=586&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47108

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
988 B 468ms
70ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 19:40:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 21:13:00 GMT

GET
H2 200 spa-detector.20231101-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1023 B 84ms
80ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231101-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29f22d0f57055a4afa29dff3f39af25b02b68c88138a4fb7a5ce01fa12a69c3e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rRzzDnlr2Ngk3tZeKj5tnCJZlFRqbkoa
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:13:00 GMT
x-amz-request-id: F3DR438TQ2W4AG5M
age: 39820
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 778
x-amz-id-2: 1aBqY7QbCpnaa1Uetfv+T2DVDsvtJ0W65qddRL58vNMQ437nIoQBQbjuZM3mgf5RBw7TbbPtrgs=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 01 Nov 2023 10:00:49 GMT
server: AmazonS3
x-timer: S1698873181.508834,VS0,VE0
etag: "85f043d291fccad973963675a075d2be"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 59381

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 128ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A13%3A00.460&id=4320&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 135ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1698873180461%7D&tim=22%3A13%3A00.462&id=5068&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A13%3A00.464&id=8110&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 163ms
161ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13315&lti=deflated&ri=edb42ecc8d58b4fee5e1b339679a2612&sd=v2_5493700546cd533ff2a4a0a6504f028f_8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db_1698873179_1698873179_CNawjgYQ2YJdGOf47eW4MSABKAEwKziy0A1Az4gQSOrb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&pi=/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&wi=-1547575186013137023&pt=text&vi=1698873179239&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698873180466%7D&tim=22%3A13%3A00.466&id=8838&llvl=2&cv=20231101-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 535ms
233ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6079046273369193&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB4A 0
0 116ms
116ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveCon39l3fnsYpy8XOpHnpaF5Klq36Dv_9N80P3HhEGUK7_5Miipq3wZ6CFbnhXltd0vuqBCwfEC4KXGsv-55aVV8JpiJMqEQ_MZhfuqRckQ3zxeNFBpSzvtU6OPTJYPlSKxq6gXO5BlBLhu9lRpx-CLYuQCXTgVJ--H6ZATVa1pIZVR_ZRPmEzE38mnnZxMltAlo1b_HVh1ADlhAoEn8XSqzR7yZXoRR7IRh21xiUNgRLL1S5VwIH6LSWclLLZAeFMJT8fDPKHuptBAwSYqyhpTNAJsiVBVLMET1ZS0adQ2LTWH-r4txPOMZ4Eu7MZ26SSg&sai=AMfl-YSdnvWgWHKGprEMC3V7w9tfIbCo5ket0aA5dlEFrZTpdSNriUeTAfE0BrvNOOZbkFWu1n9CQin-tnTgDegNWvNJkd-xxuPSzPIesa9gWbyuEcoJHop5qQy4OqkaOM62wOjnrz1IybtYOIE_v2s&sig=Cg0ArKJSzM4t89dbEm5HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:00 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 289ms
79ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 13:45:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebdf6-66b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB4A 188 KB
60 KB 486ms
83ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
632 B 458ms
43ms Script
application/javascript 18.66.97.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:48:19 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: c5ngQqhkdFYcyFQJc0enT4aBf0ND0qy-NfUTIl01czvXucFk7FCk5A==

GET
H2 200 1366589489__kvVmJZIn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 4 KB
5 KB 85ms
85ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6429df7eccd051fdf4a8be6777d7633dfbdc2204bd7f408b60951b6c3d0b0c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1366589489__kvVmJZIn.jpg
age: 787633
edge-cache-tag: 592199345752557595243972709386452314669,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 592199345752557595243972709386452314669,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 547
req-referer: https://pureswandern.de/
content-length: 4152
x-request-id: b37d12f36cc69ac8f9f48215ec45333f
x-backend-name: CH_nlb803
x-served-by: cache-iad-kcgs7200100-IAD, cache-iad-kiad7000097-IAD, cache-chi-kigq8000078-CHI, cache-iad-kcgs7200130-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 23 Oct 2023 08:41:40 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=5880,owidth=2119,oheight=1415,obytes=1007917
x-timer: S1698873181.643916,VS0,VE1
etag: "a1dee06dd994e95e5a90b37374c3e33a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 7a150605b3e37013a291c9475cdcd069.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 105ms
105ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64570a9e10f1ba48146eb77b3ddb95880625b01bb4f66a6a8c5a61a817619a49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a150605b3e37013a291c9475cdcd069.jpeg
age: 2540716
edge-cache-tag: 366941925163645809873903514280414537940,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366941925163645809873903514280414537940,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 286
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tichyseinblick.de/
content-length: 6708
x-backend-name: US_nlb106
x-served-by: cache-iad-kjyo7100120-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000064-IAD, cache-fra-eddf8230060-FRA
last-modified: Mon, 28 Aug 2023 15:12:21 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1200,oheight=628,obytes=606914
x-timer: S1698873181.643880,VS0,VE1
etag: "042744f28d68fa0262659fcecd2861d1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 23, 1

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 106ms
106ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 62c9f3349dd35e235fde6fe35230733f918c53c10b9dde9e682b9683c9706cb1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 2574484
edge-cache-tag: 469380595437447606234874652449541692371,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 78
req-referer: https://blog.livedoor.com/lite/matomeportal/?id=4537124_10437836&matome_link_blog_id=3320122&matome_link_article_id=10688731&utm_source=jp_middle&utm_medium=243&utm_campaign=matomeportal&utm_content=2&matome_support_blog_id=4537124&matome_support_article_id=10437836
content-length: 4708
x-request-id: ecadccf45439e04d3206de9d4695de2e
x-backend-name: CH_nlb803
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100133-IAD, cache-fra-eddf8230060-FRA
last-modified: Wed, 13 Sep 2023 19:24:41 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=9676,owidth=1344,oheight=896,obytes=1243876
x-timer: S1698873181.643855,VS0,VE2
etag: "c5e9dd0035f7668ba0fccfca78b9ee91"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 136, 1

GET
H2 200 css2
fonts.googleapis.com/ Frame F2F0 4 KB
1 KB 268ms
69ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 19:30:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 21:13:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/elements/html/ Frame F2F0 20 KB
9 KB 445ms
59ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8600
x-xss-protection: 0
server: cafe
etag: 14061149270319446037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:18:40 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E2A3 422 B
388 B 65ms
63ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&cmcv=&pix=undefined&cb=1698873180684&uv=142387384&tms=1698873180684&abt=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4de685bf-8fe2-4bd4-a637-4e203ce8d2de&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e1801d7254c1061344da7541f0514b398cc21ef5feb8d73c43dacce3db43e715

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 01 Nov 2023 21:13:00 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230060-FRA
x-timer: S1698873181.701963,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3389 439 B
525 B 199ms
50ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 27951dcabca2897c3fedade876c65fd91f0688eac1949cbdca74419e0da42371

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 01 Nov 2023 21:13:00 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
721 B 140ms
139ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698873180692&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1565&pt=1739164452&tz=60&viewable=true&ddast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b14bba8cbd353dbae1ac3cc252ac9e028280a36fa9cef8cc3eca12ba5cee45c3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1487
x-cache: MISS
x-served-by: cache-fra-eddf8230060-FRA
pragma: no-cache
server: nginx
x-timer: S1698873181.710933,VS0,VE76
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E2A3 70 B
149 B 176ms
63ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&cmcv=&pix=undefined&cb=1698873180684&uv=142387384&tms=1698873180684&abt=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4de685bf-8fe2-4bd4-a637-4e203ce8d2de&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E2A3 43 B
425 B 568ms
125ms Image
image/gif 34.247.198.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&cmcv=&pix=undefined&cb=1698873180684&uv=142387384&tms=1698873180684&abt=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4de685bf-8fe2-4bd4-a637-4e203ce8d2de&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.198.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame E2A3 43 B
146 B 220ms
42ms Image
image/gif 52.28.119.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&cmcv=&pix=undefined&cb=1698873180684&uv=142387384&tms=1698873180684&abt=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4de685bf-8fe2-4bd4-a637-4e203ce8d2de&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.119.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-119-39.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/142387_384/infra/ 603 KB
121 KB 40ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/142387_384/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e3a2966f0a0e06d3084e739035c83bac6b0d17bff4ed573a6759abd0595f1352

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1698333476
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: Z3K737445HNWD425
age: 538777
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698333477
x-amz-meta-mode: 33188
content-length: 123228
x-amz-id-2: LguoOlXMb2KKURxVS18E5QbCDDvbZVaHXjUYDsLjc5MfH5z/2qG8LknzHZaKPsQ70F4uztX/pdg=
x-served-by: cache-fra-eddf8230039-FRA
last-modified: Thu, 26 Oct 2023 15:17:58 GMT
server: AmazonS3-br
x-timer: S1698873181.857368,VS0,VE0
etag: "d556938309926c0d4b8d9bdccaea2538"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 34623

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/142387_384/assets/css/ 60 KB
8 KB 39ms
38ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/142387_384/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1698333487
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: Z3KA07QMD9ECG5Q0
age: 538778
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698333487
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: JtTeNEDeE6FbWFQeyc1czFWeqf0QOpoB1bjjxLdjLtjMtJjZvqD8pTvwRMqPObaSguva+BRNFcI=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Thu, 26 Oct 2023 15:18:08 GMT
server: AmazonS3-br
x-timer: S1698873181.858115,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 42173

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
287 B 130ms
129ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=13315&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 81
date: Wed, 01 Nov 2023 21:13:00 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59107
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230060-FRA
pragma: no-cache
server: nginx
x-timer: S1698873181.860951,VS0,VE81
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 56 KB
20 KB 112ms
112ms XHR
application/json 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&referrer=&async=1&uid=2752317911&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d361a6a6295339c14e4b1ff7661a8d5418b1d92894cf16ad759cf7addcda78e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3389 70 B
148 B 72ms
71ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3389 43 B
426 B 428ms
122ms Image
image/gif 34.247.198.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.198.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 3389 0
125 B 181ms
54ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 a1550967.js Show response
js.genieessp.com/t/550/967/ Frame E814 9 KB
4 KB 1402ms
736ms Script
application/javascript 133.186.12.12
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/550/967/a1550967.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p012.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 08:08:17 GMT
server: nginx
etag: W/"65016df1-2598"
content-type: application/javascript
cache-control: max-age=900, private
cross-origin-resource-policy: cross-origin
expires: Wed, 01 Nov 2023 21:28:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E814 188 KB
59 KB 121ms
114ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 120ms
120ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8yMXN1aS1uZW4tbWVpLWt1YW5nLXhpbi16YW5nLW1hLWJpLXNpLXNpLWxhby1tdS1kYS1zaHUtbmFuLXlvdS1idS1zaGUtZGFpLWt1YW4ta3VhbmctamllLXRhLTgwNW1vLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00NGYwNGY2OS02MWUxLTQ2NmMtYjU4NC01YmNkMWUxMzgxYTUiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMzQ3NDljNDctNTc5My00Njk1LWFlZTgtM2NmYzA0NGNlZTNiIiwidGltZU9mQXVjdGlvbiI6MTY5ODg3MzE3OTkzOSwiYmlkcyI6W3siY3BtIjowLjE1NTM3NCwiYWRJZCI6Ijc2OTQ1YWY0MGMyMzdmNyIsIm9yaWdpbmFsQ3BtIjowLjE1NTM3NCwiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDE1NTM3NCwiZm9ybWF0VHlwZSI6Im5hdGl2ZSIsInJlc3BvbnNlVGltZSI6NTc2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODg3MzE4MDU3NH0seyJjcG0iOjAuMDMxOTQ4MDk3MDI1LCJhZElkIjoiNzk0YjMyNTVjZWFjNGVhIiwib3JpZ2luYWxDcG0iOjAuMDMxOTQ4MDk3MDI1LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAzMTk0ODA5NzAyNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTM5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODg3MzE4MDU4Nn0seyJjcG0iOjAuMDI4NDU3OTk5OTk5OTk5OTk3LCJhZElkIjoiODFhNjExMmUwNWM4ZDM0Iiwib3JpZ2luYWxDcG0iOjAuMDMzNDc5OTk5OTk5OTk5OTk2LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjg0NTc5OTk5OTk5OTk5OTgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY0NCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg4NzMxODA2NzV9LHsiY3BtIjowLjA2LCJhZElkIjoiODM2ZDc3ZjlhNTU3ODI0Iiwib3JpZ2luYWxDcG0iOjAuMDYsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODg2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODg3MzE4MDg1NH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhcHBuZXh1cyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzY5NDVhZjQwYzIzN2Y3IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDE1NTM3NH0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMzQ3NDljNDctNTc5My00Njk1LWFlZTgtM2NmYzA0NGNlZTNiIiwidGltZU9mQXVjdGlvbiI6MTY5ODg3MzE3OTkzOSwiYmlkcyI6W3siY3BtIjowLjE3MjQyOCwiYWRJZCI6Ijc1OGYwNmM3OTVkM2UxMiIsIm9yaWdpbmFsQ3BtIjowLjE3MjQyOCwiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDE3MjQyOCwiZm9ybWF0VHlwZSI6Im5hdGl2ZSIsInJlc3BvbnNlVGltZSI6NTc0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODg3MzE4MDU3Mn0seyJjcG0iOjAuMDIyNzU0MzQ0ODc1LCJhZElkIjoiODBlZGI4MWVmYWNhNDY0Iiwib3JpZ2luYWxDcG0iOjAuMDIyNzU0MzQ0ODc1LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAyMjc1NDM0NDg3NSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTQxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODg3MzE4MDU4OH0seyJjcG0iOjAuMTEsImFkSWQiOiI4MmY5YTlmMDY3NzBkMTciLCJvcmlnaW5hbENwbSI6MC4xMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMTEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjg4NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg4NzMxODA4NTN9LHsiY3BtIjowLjAzLCJhZElkIjoiODRkMzk0Nzg4ZTk0NzY3Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjk1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg4NzMxODA5NDF9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiYXBwbmV4dXMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1OGYwNmM3OTVkM2UxMiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxNzI0Mjh9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4985.799995422363
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BD46 714 B
593 B 35ms
35ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 12730
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 81f723a50de30de8-MXP
content-encoding: br
content-type: text/html
date: Wed, 01 Nov 2023 21:13:00 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmqR%2B%2FO87sYPgnwjzxdCtfnig3yzWxrARqjzR8JHGX7acPUR6fi9RBvag1aDc3QGtQbl8TkrbSR9T%2Fn97Qkq3Ncz8qSQPNyByxrqWRu4Irz4M69kP0BBdF%2F098fi2ZyEaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D6A1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

185ms
83ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Nov 2023 21:13:01 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 01 Nov 2023 21:13:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/132a2e82-afe1-3147-823d-310b47a4c838?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-HWyDzsVE2oVz7EiPoDlqLJBTv_6db6c_m3SgYRI-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

131ms
130ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Wed, 01 Nov 2023 21:13:01 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 626ms
625ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4095512903409492&correlator=3766527624953303&eid=31079303%2C31079304%2C31078528%2C31079210&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&arp=1&abxe=1&dt=1698873180989&lmt=1698873180&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGslFfB4f7diBZYOw2rvzk6IUZB1Ri66K57-hdfNzWAqDc1TsOC7yu1iDFVOg9eYT6urt30MQLWWEYkWpy-BwW_s&ga_vid=990439440.1698873180&ga_sid=1698873180&ga_hid=757108493&ga_fc=true&dlt=1698873178540&idt=1557&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_14_0%26cluster_reporting%3Dchrome_DESKTOP_14_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_native_image%3Dhb_native_image%253A758f06c795d3e12%26hb_native_linkurl%3Dhb_native_linkurl%253A758f06c795d3e12%26hb_native_body%3Dhb_native_body%253A758f06c795d3e12%26hb_native_title%3Dhb_native_title%253A758f06c795d3e12%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.17%26hb_ap_adid%3D758f06c795d3e12%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A758f06c795d3e12%26hb_native_image_appn%3Dhb_native_image%253A758f06c795d3e12%26hb_native_body_appne%3Dhb_native_body%253A758f06c795d3e12%26hb_native_title_appn%3Dhb_native_title%253A758f06c795d3e12%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=2102018513&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211cee777a20646094539362bf07e7ccd9e616467d7fa768a1ea9d2dfc676fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11408
x-xss-protection: 0
google-lineitem-id: 5317549419
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305001114
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 347ms
347ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4095512903409492&correlator=3766527624953303&eid=31079303%2C31079304%2C31078528%2C31079210&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&arp=1&abxe=1&dt=1698873180994&lmt=1698873180&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslFfB4f7diBZYOw2rvzk6IUZB1Ri66K57-hdfNzWAqDc1TsOC7yu1iDFVOg9eYT6urt30MQLWWEYkWpy-BwW_s&ga_vid=990439440.1698873180&ga_sid=1698873180&ga_hid=757108493&ga_fc=true&dlt=1698873178540&idt=1557&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_14_0%26cluster_reporting%3Dchrome_DESKTOP_14_1_active_0%26ap_refresh_type%3DAV_3%26hb_native_image%3Dhb_native_image%253A76945af40c237f7%26hb_native_linkurl%3Dhb_native_linkurl%253A76945af40c237f7%26hb_native_body%3Dhb_native_body%253A76945af40c237f7%26hb_native_title%3Dhb_native_title%253A76945af40c237f7%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.15%26hb_ap_adid%3D76945af40c237f7%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A76945af40c237f7%26hb_native_image_appn%3Dhb_native_image%253A76945af40c237f7%26hb_native_body_appne%3Dhb_native_body%253A76945af40c237f7%26hb_native_title_appn%3Dhb_native_title%253A76945af40c237f7%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv8_e%26faid%3Dfalse&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a9f8b8ae4e93e3b163123ec63b9443a1f5cbfca5d59bb1214c6bc19e94d64a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11388
x-xss-protection: 0
google-lineitem-id: 5317549560
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305001114
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame BF8A 4 KB
2 KB 53ms
53ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

709fe1b7eb5592062764e8a96c26525ed8017e882a8a4281dc621feee16d94d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1437
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 527ms
43ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127418
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 55ms
54ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:01 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 60 KB
13 KB 57ms
56ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 13:43:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651c1a89-ee50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:01 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 88 KB
23 KB 75ms
74ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=e4e0b93a37ede71e38029a3875bc7287
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 15:16:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65368e64-16141"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:01 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 130 KB
41 KB 81ms
80ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 15:40:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65427166-20687"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:01 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 293 KB
98 KB 86ms
86ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 15:09:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6537de23-49456"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:01 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 106ms
106ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=8e4042cf-3b30-4eb8-bdf1-df61fcd33821&p_id=23

0
151 B

67ms
66ms

Image
text/plain

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=8e4042cf-3b30-4eb8-bdf1-df61fcd33821&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=8e4042cf-3b30-4eb8-bdf1-df61fcd33821&p_id=23
date: Wed, 01 Nov 2023 21:13:01 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=83307315-4321-433f-9706-e2c16a4eb6a2&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=83307315-4321-433f-9706-e2c16a4eb6a2&gdpr=0&gdpr_consent=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-j7S2RKtgJ9PKvLra9127h3f8wfwq4clmnsn0ew&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&p_id=15

0
154 B

283ms
129ms

Image
text/plain

185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&p_id=15
date: Wed, 01 Nov 2023 21:13:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 92ms
92ms Image
image/png 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Wed, 08 Nov 2023 21:13:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BD46 95 KB
29 KB 133ms
131ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-146-67.compute-1.amazonaws.com

Software

cafe /

Resource Hash

c322cd54d773a70b1ba4afd284b04082321b5d31e2e9e225a15ed79c68942fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29845
x-xss-protection: 0
server: cafe
etag: 92 / 19662 / m202310250101 / config-hash: 12744499585952903359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 846ms
188ms Fetch
application/json 3.233.146.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvMjFzdWktbmVuLW1laS1rdWFuZy14aW4temFuZy1tYS1iaS1zaS1zaS1sYW8tbXUtZGEtc2h1LW5hbi15b3UtYnUtc2hlLWRhaS1rdWFuLWt1YW5nLWppZS10YS04MDVtby5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
245 B 457ms
457ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvMjFzdWktbmVuLW1laS1rdWFuZy14aW4temFuZy1tYS1iaS1zaS1zaS1sYW8tbXUtZGEtc2h1LW5hbi15b3UtYnUtc2hlLWRhaS1rdWFuLWt1YW5nLWppZS10YS04MDVtby5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:13:01 GMT
date: Wed, 01 Nov 2023 21:12:19 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 54ms
54ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_384/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1435786
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1698873181.120193,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 109205

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/ 426 KB
81 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_384/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2f7ed4e77c9ae0c81247f1868ff69ab63d0e7c9ada05cc79356d8f671cba3a0d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1698746463
date: Wed, 01 Nov 2023 21:13:01 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: YF1Y7H8GDS2EJ78Y
age: 126646
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698746477
x-amz-meta-mode: 33188
content-length: 82073
x-amz-id-2: ga2YZ5krwm1sZb6vxUX1TaGc6m/8ir3CykRD+MpXJ8Pq0CkoRxXkEiSiv1YX2O/EWcqkVm1ipbY=
x-served-by: cache-fra-eddf8230039-FRA
last-modified: Tue, 31 Oct 2023 10:01:18 GMT
server: AmazonS3-br
x-timer: S1698873181.127366,VS0,VE0
etag: "70a1fab1aff95971a6240163950d2f7e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 91317

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E319 439 B
524 B 46ms
45ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_384/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 27951dcabca2897c3fedade876c65fd91f0688eac1949cbdca74419e0da42371

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 01 Nov 2023 21:13:01 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 88ms
51ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&cmcv=&pix=31579697&cb=1698873181119&uv=142387384&tms=1698873181119&su=3&abt=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-length: 0
server: nginx

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C2F4 24 KB
10 KB 515ms
98ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59d2f2151a1ca7606dc4a2d62c4e78d6c33bbb1466c0c0d67f19bcc17e68372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10065
x-xss-protection: 0
server: cafe
etag: 10015674828814416429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 77ms
36ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 01 Nov 2023 21:13:01 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 3324526
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1698873181.206542,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 632714

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame BF8A 43 B
443 B 203ms
68ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x24 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:01 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x24 config_version:"1369"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 01 Nov 2023 21:13:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LOG987LT-25-I9YM&gdpr=0

0
291 B

53ms
52ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LOG987LT-25-I9YM&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LOG987LT-25-I9YM&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9082381977519593646

0
291 B

78ms
72ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9082381977519593646

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
an-x-request-uuid: d548a05b-2b9a-475b-b48a-00fb8e84b322
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9082381977519593646
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0

0
291 B

55ms
54ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:01 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1698873181467039-583
Expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame BF8A 42 B
679 B 263ms
59ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BF8A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4y7hBQSo59x5P-LiTzoWNNawyAy23mNsQ

170 B
409 B

249ms
89ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4y7hBQSo59x5P-LiTzoWNNawyAy23mNsQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4y7hBQSo59x5P-LiTzoWNNawyAy23mNsQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=6039177356785482220

0
291 B

54ms
54ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=6039177356785482220

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=6039177356785482220
date: Wed, 01 Nov 2023 21:13:01 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame BF8A 0
0 238ms
58ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BF8A
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dww_mkQ0CzQ42PQlQTZnr9iWSDIesWJGqEHTkYZTlDw

43 B
479 B

462ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dww_mkQ0CzQ42PQlQTZnr9iWSDIesWJGqEHTkYZTlDw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3C81JGKJFR8PMT1QQ5RD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=dww_mkQ0CzQ42PQlQTZnr9iWSDIesWJGqEHTkYZTlDw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlBNEE2OTgtODI0Qy00NjQ2LUE0MTAtQjM3MkU2QzkwQzlG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=89A4A698-824C-4646-A410-B372E6C90C9F

0
291 B

64ms
64ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=89A4A698-824C-4646-A410-B372E6C90C9F

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=89A4A698-824C-4646-A410-B372E6C90C9F
date: Wed, 01 Nov 2023 21:13:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

0
291 B

44ms
43ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

0
291 B

43ms
43ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BF8A 70 B
148 B 80ms
76ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame BF8A
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&google_hm=ZjRkZTJhYjEtYTVlMi00NWM0LTkwZWYtMWEzNjIzOGVmYmZk
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHkmCKvtd75Te7xMLjWhWKI&google_cver=1&ssp=onetag&bsw_param=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd
https://onetag-sys.com/match/?int_id=30&uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=&gdpr_consent=&us_privacy=

0
291 B

93ms
93ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 01 Nov 2023 21:13:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame BF8A
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5

0
157 B

66ms
65ms

Image
text/plain

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=njN6JwotBZangorY7GUEkKgxEeMGfYdRY34iv0yHHKc&p_id=5
date: Wed, 01 Nov 2023 21:13:01 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
DATA 200
OK truncated
/ Frame BB4A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42653b0bfd10ea50f3a65e4d9ac8c93b91e9bc982c4f102b7b15f6b6f4089436

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB4A 0
0 897ms
80ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS51hTwzx-VbkzJ8Jk5uf3NyvjiAxL8Ykgn8iiPmDbbBKtVBSQoqdGDYMGc3y-nqHjzxBSmmREWX0RIBMPCkVoo4pFs3fRefFOYJVpWjs_wnR09tfKWqPkFrNeXmNGwhJD7-Qqxza1V90UEhzIY7FWFlC2OEFZpwoSoiiorWY65I3oZZHSKzG_osmzQDwemCevBDifty-5o-yY_ftmxNlneZMUXszPGB5OC7XXzW_4ZY455H-qptxAkr7G-GvvETCf5Iy4-WnT9-1LivmaCRAe8UlpezyNv5KquC5dhuLt14b8m6iQu5a2uU0QI_0WQYmCZiGV&sai=AMfl-YSI4iMU7ufdHSCL7H28wXH141atofmOklGukxCo43dqY-Gtetioj46-DlqRMLXDhkRL6OUutt17_VHs3v9wG0d0me0EIdoMT1vSPCqhdjosNpQQIK8ej7toup7upFJU9nJwbitiH3-xU2Q-O9o&sig=Cg0ArKJSzBVlDJbN1bmLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H2 200 pixel;r=1350906093;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html;uh=e51ed67dfb8d91...
pixel.quantserve.com/ 35 B
372 B 95ms
75ms Image
image/gif 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1350906093;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-245818000-1698873180568;pbc=0337c731-e25f-4781-ad6e-3db5eedc2dbf;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1698873181282;tzo=-60;ogl=;ses=006e5894-11be-4bae-9f1c-02c4ce510ed5;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E319 70 B
148 B 94ms
93ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E319
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-a0BOIzZE2oT4peiLqf2PbJnUzjBPyG1BFnyFhg--~A

0
98 B

108ms
81ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-a0BOIzZE2oT4peiLqf2PbJnUzjBPyG1BFnyFhg--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30615

Redirect headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-a0BOIzZE2oT4peiLqf2PbJnUzjBPyG1BFnyFhg--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame E319 0
15 B 75ms
75ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D6A1 41 KB
11 KB 42ms
41ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 04:17:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25389
Connection: keep-alive
Content-Length: 11104
Expires: Thu, 02 Nov 2023 04:16:10 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ Frame BD46 420 KB
132 KB 45ms
44ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35165
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135100
x-xss-protection: 0
server: cafe
etag: 11278338207436733902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 11:26:56 GMT

GET
H2 200 container.html Show response
2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C677 6 KB
3 KB 39ms
38ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-146-67.compute-1.amazonaws.com

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:00 GMT
expires: Thu, 31 Oct 2024 21:13:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
771 B 35ms
34ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 01 Nov 2023 21:13:01 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 11128
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1698873182.740696,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5148

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
90 KB 52ms
51ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f696511695bd89f02e89aa8e63125ab4332480b02669fb5a9b7ca3053d376d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 21:13:01 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 252ms
252ms Fetch
application/json 3.233.146.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 42ms
42ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:13:01 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 1393
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1698873182.758723,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 38
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 9521

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 41ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Nov 2023 21:13:01 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 5337
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1698873182.758761,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 16
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 7229

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D6A1 7 B
766 B 327ms
83ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 container.html Show response
2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7482 6 KB
3 KB 96ms
96ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:00 GMT
expires: Thu, 31 Oct 2024 21:13:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C2F4 147 KB
51 KB 123ms
122ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b667a2af6bf43244fe8eaf82e9232e43567b98cb4667a155b1e2d92e0c67801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51989
x-xss-protection: 0
server: cafe
etag: 6205302019332667136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C677 24 KB
7 KB 69ms
66ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Oct 2024 19:44:58 GMT

GET
H2 200 native-trk.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame C677 12 KB
5 KB 900ms
194ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/native-trk.js

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21988
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220045-FRA, cache-lcy-eglc8600066-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"2fce-wjD8EdtI/0k7sSEjTK6kjYlWuRs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JullUsDxiGnEwTKaz%2Fk%2BqYldZSg4Z2%2F6hAqGaerhelHtNEwnJ0ZHEqYv4LKyyT%2BHpU5FiVwjcMtvKkYXiWEpbsDfw8TXCZEXO1cKfPFaa46wVEU5yIJSE7Y53CFwgh%2BeIXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f723af0fe304d9-CDG

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C677 188 KB
59 KB 76ms
74ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:01 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 172ms
171ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
262 B 268ms
41ms Fetch 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:02 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0
p3p: CP="NID DSP ALL COR"

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 130ms
127ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230039-FRA
date: Wed, 01 Nov 2023 21:13:01 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BD46 492 B
337 B 156ms
155ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3145105104274312&correlator=14303998497976&eid=31078987%2C31079298%2C31079305&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1698873181871&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=8jt7ihjgdmh7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMd2M8tpEhRlpFhDARwa-TNzYPPEXUY_9pmr803KPmwFe5r9Tg6ontIrju-WOuu1F_qL84NMkc2pNbOeRdTrezCK9q9PmpFHkeypEsnOAFTKd4moqm4lRl8gY9xPmevbSHVvf3t_B9K1upcS5VndjlYvsqERL0segkS02AOg5LP3NQL_2yWQsXNWsIoSL58IMx-Uve9H2-iiIqg2A&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1507982925.1698873182&ga_sid=1698873182&ga_hid=1937557025&ga_fc=false&dlt=1698873181041&idt=762&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ecd97f67b3bdd6bddd0bbd7285314cfe7e4351567ce316673e90c1efb3ff1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD46 16 KB
12 KB 950ms
121ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b46b85458e75cc7e05afd57dcb3d246ce2c79d9abe37488f92f4f584b9255647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0

GET
H2 200 container.html Show response
0f03edd706d92b74ca8c708e721ed991.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 711C 6 KB
3 KB 142ms
113ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0f03edd706d92b74ca8c708e721ed991.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:01 GMT
expires: Thu, 31 Oct 2024 21:13:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 103ms
102ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3au1v886690812&_p=757108493&gcd=11l1l1l1l1&cid=990439440.1698873180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698873181&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=21%E6%AD%B2%E5%AB%A9%E5%A6%B9%E8%AA%86%E3%80%8C%E5%BF%83%E8%87%9F%E9%BA%BB%E7%97%B9%E8%B3%9C%E6%AD%BB%E8%80%81%E6%AF%8D%E3%80%8D%E3%80%80%E5%A4%A7%E5%8F%94%E7%94%B7%E5%8F%8B%E4%B8%8D%E6%8D%A8%E8%B2%B8%E6%AC%BE%E7%8B%82%E5%80%9F%E5%A5%B9805%E8%90%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7482 24 KB
6 KB 83ms
82ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Oct 2024 19:44:58 GMT

GET
H2 200 native-trk.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7482 12 KB
5 KB 762ms
198ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/native-trk.js

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21988
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220045-FRA, cache-lcy-eglc8600066-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"2fce-wjD8EdtI/0k7sSEjTK6kjYlWuRs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTgeQpbOMgdrbT5%2FhAcwS2e4wUWqzbrGMqa0rrpGKiDGswolpOdNu3ly8Ad3ewe9OW5iKsLTg8kSs02QgZxdJNnS1U1OCNorxO9ZFE7HEYn%2FPIYQ%2BZW0g0ce3ERx3vMggGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f723af0fea04d9-CDG

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7482 188 KB
59 KB 104ms
104ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C677 0
0 131ms
130ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfIqQxDkYOJK6_2tRhJ18RPQfHzFr-zzzgZ-akRfDpO4ifdLXWCM7sGlEGJTwZ3oAnFopppOQJyi-uoaW6QtBULFK9MQb7VoARhRAHzn7YyCRGI3qHM_Ncib8GPwG7dNBmbHxB0Xy0WMQHSu2YwSTdR25moKIO7--CQZJMMbc0SUAP2XMj1ea5vZYqxtWdCEySsEx3pBUSt5H8OhydVM62UJs52QWPye1okt-Dov1MUSdBIVbYoLp5tZHE2mf5ZUuonXIm4uuyYKLiRpJrPdpC2XTamssXASocHszfyVP19hCrtxk_VgmJ2EggFDzHpJtyrBgkWT-A2U_LpoWc8KVWfw3RY74EdsL9RQ&sai=AMfl-YQ1NHrQkdQq-sCjlp8iaLcbi1Ue3U--95vLGfEn5rcin0RGjDIYDRY5Adl1W0O1b0x2B7ZShKmk5jQm--94s92F4S6Om6DnTA4e5pYCkAVG7UxHRfens_gl8UsBwvU&sig=Cg0ArKJSzHrT_V-dsQ6HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 404 hb_native_image:76945af40c237f7
2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C677 2 KB
2 KB 77ms
77ms Image
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:76945af40c237f7

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

536644ece3308e53271cf747c4d8ebedf658e1e4a2f185b976ff03e96f80a2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1614
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ Frame C2F4 398 KB
135 KB 158ms
157ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1630bf3cfa39a4a14a2eea64fffa8c367bb321a61856d778a77794e7080a75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138041
x-xss-protection: 0
server: cafe
etag: 4031304715446361663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame 0479 10 KB
5 KB 468ms
50ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 26434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 13:52:28 GMT
etag: 251720774729838433
expires: Wed, 15 Nov 2023 13:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 565ms
152ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=8458acef-9edb-4bc2-8f97-b426fe2528b9-tuctc3c44db&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Nov 2023 21:13:02 GMT
cache-control: no-store
server: nginx

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7482 0
0 73ms
73ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2R6WttzXT7j_vx2K5skYzPe_JS-GB2aIjXUPZt4v6V-8GnGLI-aiQmFittm0x-fiiXv1n0TfAMdM2KiuCUyhjvOguwarZpA9EpVFjYSp2AnGKExCXTaKkMNtbQ57xfutmfxgWBoJkBoziJR39gtAwMw9uPKMKuvn6RXV91QoWXFmQX3nqY2K9TUpz9-Wa5dMK2iE8-M8czdntssF19qN-3hpIHBQVciLpKUCyvzp5x78dLcntd6r5em7ECouJYHn2-AOVHmldOwhjE1Z4K4mExemRzZnT2uFPk1zuRjw1Gp1O9DXE13-MR6CB_H3DqWsdhRCh4xWjhPv21wUm0LJfHGH_4yfLjrQYXw&sai=AMfl-YRkewokQkhvQSjjLx-uYxNwhaBBkjTPn6mf8Ba7m_tdgRgv6EaYRR58srh5q-ST07q8_fmunXXGvFPg9YPYkMzT3uZIMluuuavOGAsZeiD18-c8AvX-qckr0COKKMA&sig=Cg0ArKJSzAGKhk_7_TuuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOG987LT-25-I9YM
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOG987LT-25-I9YM
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

94ms
93ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Wed, 01 Nov 2023 21:13:02 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 404 hb_native_image:758f06c795d3e12
2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7482 2 KB
2 KB 53ms
53ms Image
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:758f06c795d3e12

Requested by

Host: 2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com
URL: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

def3e99fe0205c105d8ee16ea3cd818f3d5a1a45857df10ec0693ddf1b649e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1614
x-xss-protection: 0

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 112 KB
32 KB 228ms
228ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:37:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"653fe9e1-1bee3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 01 Nov 2023 22:13:02 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 124ms
124ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.599.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B234 753 KB
242 KB 36ms
33ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 415463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247375
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 01:48:39 GMT
expires: Sun, 27 Oct 2024 01:48:39 GMT
last-modified: Fri, 27 Oct 2023 06:13:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 129ms
127ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5005 40 KB
14 KB 105ms
104ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:47:46 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 231ms
231ms Image
text/xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=yNG5No2Zh%2Fs3vLT57Db2abCpWwzz3VASOg4mRkpJlrbSvyXD2TRpYlgp17RG9Y%2BqUmitvv2oltvdh8EDZ2vYpMLKvFzkb8KNE%2FGreopd4O58ycEuGDiJd6iUe5%2BGKWB7gketdcA7l%2BkoWxKLEErvsqqJEuoANOP2KO8r8HTRcJ34VZBu9hb0qIGn2mLLC5rVlJdfo4j%2FnYM0VYHJgF%2Fz62Lqv8PdGJo37KMDlXs6D7OJr4yFagrjFJC2BH7%2FY%2F1sdQ6W4poc41PUJcLInF4UI4kv40AbRF1TIwzFvYvmxxhc2bZMXVSEzJfHu4ErqyzufjLxC6hQfawAH2A%2BwOsha%2FMhM00mYf%2BWNHeYtXAdLFKoQPRfJj%2Ft26DJIb%2BHz9%2BX6da%2F%2Bcc530LH%2FfT08oBNpxa4uttVkfA0cr65HGJfOpEofJVmkUqOeVNqueCTMF5ZBLWsHVAEGUSnPDBXeQ8CKQjgabZTPOdt%2BtzTLaooytVyR8ZXkV7PuFPtj05itPcLuMGOXjZV3V9AWRHIiaGb0cx7%2BTQepu0h%2F1a7AYiDSTDBhbdmriDooAB6NgyAQBQAgHYigJunjvqV5wyLSoqOaA%3D%3D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 64 KB
0 313ms
48ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 01 Nov 2023 21:13:02 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D6A1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/m8ybShHgq3prw5B9nY5HL8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4zFT0iFE2oK5LaoVe89pld8pH0HLbWmogpdgnA--~A

42 B
679 B

85ms
69ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4zFT0iFE2oK5LaoVe89pld8pH0HLbWmogpdgnA--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 01 Nov 2023 21:13:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4zFT0iFE2oK5LaoVe89pld8pH0HLbWmogpdgnA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D6A1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hOWyPdbITRGogdx094B2NA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hOWyPdbITRGogdx094B2NA

43 B
479 B

103ms
103ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hOWyPdbITRGogdx094B2NA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8KJ6TRHDGYFVSFBEEDKP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hOWyPdbITRGogdx094B2NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D6A1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=C_i8PgMFQP-xA5x9i6jj1Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C_i8PgMFQP-xA5x9i6jj1Q

43 B
479 B

169ms
168ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C_i8PgMFQP-xA5x9i6jj1Q

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QGBY6NAZNEAVQQXZ6T3B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C_i8PgMFQP-xA5x9i6jj1Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D6A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN4zvdFPACMHfwl3Q2Fh6T4&google_cver=1

42 B
679 B

85ms
34ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN4zvdFPACMHfwl3Q2Fh6T4&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN4zvdFPACMHfwl3Q2Fh6T4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D6A1 70 B
148 B 190ms
187ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D6A1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG987LT-25-I9YM

0
648 B

573ms
180ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG987LT-25-I9YM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0D5AFE63384647B194AD681CF0CA2352 Ref B: ZRHEDGE1022 Ref C: 2023-11-01T21:13:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJHbyVv9ozLU5dRQt2Sw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG987LT-25-I9YM
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6A1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjU4MjY3NDY4OTFjZjQ3NGIwYTEwY2JmZTQ0YjcyMDBmN2E2YjQ5NQ

170 B
188 B

100ms
100ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjU4MjY3NDY4OTFjZjQ3NGIwYTEwY2JmZTQ0YjcyMDBmN2E2YjQ5NQ

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjU4MjY3NDY4OTFjZjQ3NGIwYTEwY2JmZTQ0YjcyMDBmN2E2YjQ5NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6A1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9HOTg3TFQtMjUtSTlZTQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJEq2LhW2UOi3ZNBowQQV0Y&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HOTg3TFQtMjUtSTlZTQ==&google_push=

170 B
188 B

96ms
96ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HOTg3TFQtMjUtSTlZTQ==&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HOTg3TFQtMjUtSTlZTQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D6A1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHxX07KhX8AABmFZFEu2g&expires=30

42 B
679 B

46ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHxX07KhX8AABmFZFEu2g&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHxX07KhX8AABmFZFEu2g&expires=30
Date: Wed, 01 Nov 2023 21:13:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG987LT-25-I9YM

0
502 B

592ms
137ms

Image
text/html

18.244.114.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG987LT-25-I9YM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 18.244.114.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-114-27.lhr50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
via: 1.1 0316c07369e8911f4fffe6ae5475e30c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: LHR50-P6
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: iR2jWYzDiZE7umHakPmeQEl4y42nRCqfoZDMxAwRNcecOetJVNMfUw==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG987LT-25-I9YM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LOG987LT-25-I9YM

0
150 B

44ms
43ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LOG987LT-25-I9YM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:01 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LOG987LT-25-I9YM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LOG987LT-25-I9YM

0
311 B

300ms
53ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LOG987LT-25-I9YM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Server: 216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:02 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LOG987LT-25-I9YM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D6A1
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed&expires=30

42 B
679 B

33ms
32ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed&expires=30
Date: Wed, 01 Nov 2023 21:13:03 GMT
Connection: keep-alive
X-CI-RTID: 771b45b4-7e8c-45a9-b588-a0ab46a5735f
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG987LT-25-I9YM

43 B
1 KB

279ms
278ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG987LT-25-I9YM

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

a23-32-238-98.deploy.static.akamaitechnologies.com

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:02 GMT
an-x-request-uuid: b5a199a0-1762-4818-b520-0d951d3b7f41
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG987LT-25-I9YM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame D6A1
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG987LT-25-I9YM&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG987LT-25-I9YM&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sX0FJdGR0RTJ1SFJyZHRBYmQ2ZDBDOS4yazFUYTZRcn5B&ovsid=LOG987LT-25-I9YM&dpid=58160

52 B
315 B

184ms
68ms

Image
image/gif

23.32.238.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sX0FJdGR0RTJ1SFJyZHRBYmQ2ZDBDOS4yazFUYTZRcn5B&ovsid=LOG987LT-25-I9YM&dpid=58160

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Server

23.32.238.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 01 Nov 2023 21:13:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Wed, 01 Nov 2023 21:13:03 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sX0FJdGR0RTJ1SFJyZHRBYmQ2ZDBDOS4yazFUYTZRcn5B&ovsid=LOG987LT-25-I9YM&dpid=58160
date: Wed, 01 Nov 2023 21:13:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

pixel
capi.connatix.com/us/ Frame D6A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

89ms
88ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 81f723b2d94d23df-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 01 Nov 2023 21:13:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LOG987LT-25-I9YM&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 81f723b22fec23df-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 jsk Show response
ialaddin.genieesspv.jp/yie/ld/ Frame E814 724 B
643 B 953ms
301ms Script
text/javascript 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1550967&cb=11016627651&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&sw=1200&sh=1600&topframe=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame E814 633 B
597 B 641ms
73ms Script
text/javascript 2.22.242.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by: Host: js.genieessp.com
URL: https://js.genieessp.com/t/550/967/a1550967.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.169 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"
content-type: text/javascript
cache-control: private, max-age=3600
content-length: 445
expires: Wed, 01 Nov 2023 22:13:03 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C2F4 210 B
546 B 540ms
115ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d1d0edf1f01a0ad30ecfcd735d6b7860977be607ea0257401d3fad9c5dddddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame B1F2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16988...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
872 B

439ms
45ms

Document
text/html

18.66.122.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-20.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 428
content-length: 459
content-type: text/html
date: Wed, 01 Nov 2023 21:13:03 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-id: e0Bwhu80xEfJX2xiLUgW8sLlikbXNykrY9hDYQkzmlSSXB6QOGmokg==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:03 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 557ms
116ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:29:51 GMT
x-content-type-options: nosniff
age: 423792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 23:29:51 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 541ms
100ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:11:12 GMT
x-content-type-options: nosniff
age: 518511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 21:11:12 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 178ms
178ms Image
image/svg+xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 96ms
96ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127418
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 92 KB
0 303ms
90ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 01 Nov 2023 21:13:02 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 556ms
61ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:13:03 GMT

GET
H2 200 HbRCQzjSbOMXhwe04peCBGEMev9JpmXwwnG5Qe6IZF1yaUXLTaxqq%2FEZpZQ9L2A4NunDw6A9DZBJ%2F%2FOv7rSayi1JAiy1IdvNjCDpi4XuiYVK0VLt4%2Fc8if%2FknGI7GvWrIn%2F12cdII3pQyGe8XRTYpednXPaNLrefYep9IFfE9WpZNqyNNvBHygmuX... Show response
ad.vidverto.io/delivery/video/pod/ Frame B234 53 KB
22 KB 204ms
203ms XHR
text/xml 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/HbRCQzjSbOMXhwe04peCBGEMev9JpmXwwnG5Qe6IZF1yaUXLTaxqq%2FEZpZQ9L2A4NunDw6A9DZBJ%2F%2FOv7rSayi1JAiy1IdvNjCDpi4XuiYVK0VLt4%2Fc8if%2FknGI7GvWrIn%2F12cdII3pQyGe8XRTYpednXPaNLrefYep9IFfE9WpZNqyNNvBHygmuXMiDTRKEfSHwPTx0oJp6lru6AVKkruhjvDUHEFe4Y84O%2F4Fp9cmzHYF5WhIvoHzoHlu4%2B91soHAVDW77WERt1coOj1x%2Ficv5uiSVD61gZcno3ILDWKGHT7Ccbf2ttEO4Dgm8q%2BNmI89qItj5whMidnV4sJ%2Bv34UlDYOqvKDRdpBJFVbGckRItrKEL7HV%2BnU%2BcT25E7zGBsI5FSbqXPJXqwgOsbR%2FyC1dFgU4JvxrUzUUoIpdTs0rOpXxTox1oVmFmpw%2Fyddsc7MaSF8mLAz6DLvMPtiBdG3lJCp5Hq%2FFeOkSk70HA2HbPTyrjCA3iiJxHmpAAoIK2lnrZCOjxUNycrg%2BxCTcyk8237IFmafD3sW1xgqX9yncbiFYaD4aVl%2Bp6Qj47reOyv6Dp9rZ0HTNuTNEkorFaGnfbhJpuDzzJiB9aCFpcWg%2BVNfLCYFZGs791dK8eW11t7T02eyspYT6oTmd%2FSrdcDQnOwIkiMPKwVDSCcSn%2FC%2FvOmHeo%2FP4LmLnc2Oyunm5Yfiuw6Gl%2BiYkn%2FbZ7u9eEJV9pyMnfFDJQisiRjGb1hRFODNrXcLbnh8MQ35I6k%2BWcMU8HmW%2BlEKU1DTMluH%2FjrkpObeb8tPhYYCEzHaLKZPqCs3c2RO%2Bh04JjOpm04DEOmRqEVStKmWEzRfzoc1Yzg%3D%3D?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0487aa06eaa0d9d090f527057660cdbbb7aebbff1b2d05b43fefb22ad61c1810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 152 KB
152 KB 315ms
94ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16744448-

Response headers

Date: Wed, 01 Nov 2023 21:13:02 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16744448-16900083/16900084
Connection: keep-alive
Content-Length: 155636

GET
H2 200 bridge3.599.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8F4A 753 KB
242 KB 60ms
59ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 415463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247375
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 01:48:39 GMT
expires: Sun, 27 Oct 2024 01:48:39 GMT
last-modified: Fri, 27 Oct 2023 06:13:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4E8C 40 KB
14 KB 32ms
31ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:47:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B234 0
234 B 1192ms
302ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~log98915&c=2563004335882&slotId=1281502167941&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C677 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37bbf6eec04fa98ee30b486de1ff8358f6f6cfd68189e803ff3566f32bcff3b4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7482 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f5026aa1984134e0c86a88c3e5c2e09e90fac8a8aa779002d787fd8a1849ced

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C677 0
0 110ms
109ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukvo82puB_y94D_uMUjuO5SwyJrO07EsgixPbrfw5NdA0MAPhH3ctAW7fdH3Ve9ivj7vdqWHLrBbhd8DeZnYzxjlQV5F8ExRnnA8CZSM07CXlxzkRJbZtsWOxgD4IMlqKXVUQ1gsh6nsqBCldZ7d_wUfbpfn-9EcEyZR7IS_ESIz_wb3ssFsX40uG3-FCvLAdiN9awjkj9fgcYkoBSD9bAN5HElwvLVusav7QYv6CG7oQNf1QM1lMqW1ipECo-6pcV397ssRg0t11wzUXNPCfj4qM4pkobGcetz3u17JMb8Alz7-UCXYNpqHra9MpgNdOeXJfWUK01K_ph4xQpIuoaeq9ST5vt2ctKKJmh&sai=AMfl-YQR7VWxWJE-9Vzn3oNBFhOR4nyFRUcIiWKeQPWNthBl9CxlhRl1yGzHs-_aJXmokoV-dhtD8ptBNa0s4jOyD0T9-vYfMGXnibz5xAnvp8INPvx1mYIy3yVVWiRrp1w&sig=Cg0ArKJSzCPJnbwn0hqwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7482 0
0 106ms
105ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEo6GyMAtKOiHVdjjCidD44qYSCa9cqIGPPyJoSLk31Nnbvf6cKgdXpOONlWyR-CSkVuWnniZw2VOiH3q4AYkCI2RcXtkOUD73h1JLQKfqe7P7B4qBhBgkxJtqGma79f4mmIlv-HIfYMZoIwffFkzMS6CPT8DAa8tuL1RAD5EZKooyXaHPw_VLcyzxqMCnGkOJ2anpBw5NHrYVRSbj1dmsLsKXRDh-tVCn33taaJeVg_vMAwHy7fOLSe8MzNZeozaKfViaabodDGZt7g9fhPp6fs6weme9uQUIxg_lREjl-t0qWuei2xdVdk_EguZFHhjLXdzhwBp-Jj9lUVmk95uTtlwQsZ1T0r-deJjd&sai=AMfl-YTM_Obs_qdSIXXXYmaGAJhdlrkFya0dJFWUNWgcjUp8puVGOk6nMxJmPeRS19klAYmraO4l7u5tp_0kFx54DaSN91dP4LFuzBLtSohbjpmr22in9iNG_zgObJrE_jI&sig=Cg0ArKJSzLW6xS62LiXfEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame B234 65 B
656 B 965ms
460ms XHR
text/xml 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B234 156 B
190 B 335ms
334ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182855&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B234 156 B
231 B 343ms
342ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&cust_params=mt_fln%3D1.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182858&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B234 156 B
231 B 411ms
411ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&cust_params=mt_fln%3D1.3&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182860&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B234 156 B
233 B 206ms
205ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182863&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B234 156 B
190 B 286ms
286ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182865&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B234 156 B
231 B 483ms
483ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&cust_params=mt_fln%3D0.8&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182870&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B234 156 B
263 B 266ms
265ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4257471199068011&cust_params=target%3D0.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=E0B835F1-CCC0-421E-9473-9FAA993B9C0D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873182872&cookie=ID%3Da343bd0b5e6d7283%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_MbNXVpOc7XE3VVnMM4FrKAbmAzDvQ&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=1385844002775193&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD46 17 KB
7 KB 117ms
116ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:13:02 GMT

GET 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE86 13 KB
5 KB 69ms
68ms Document
text/html 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AED1 829 B
1 KB 420ms
42ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

ade1fa7c14b90171587597882a01002c7cc7dea5dd13662de00cd7bd486f5156

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1vLVlPCYfRDp7Xv_7Kjx_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1vLVlPCYfRDp7Xv_7Kjx_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:03 GMT
expires: Wed, 01 Nov 2023 21:13:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 256 KB
0 45ms
44ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 01 Nov 2023 21:13:03 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 32768-16900083/16900084
Connection: keep-alive
Content-Length: 16867316

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E814 6 KB
3 KB 76ms
75ms Script
application/javascript 2.22.242.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.169 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

POST
H2 204 csi
csi.gstatic.com/ Frame B234 0
54 B 925ms
319ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~log989c4&c=2563004335882&slotId=1281502167941&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802463%2C44804291&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
175 B 177ms
64ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame EE86 38 KB
15 KB 48ms
48ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 459ms
70ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:13:03 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B234 0
54 B 856ms
319ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~log989k0&c=2563004335882&slotId=1281502167941&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 109ms
65ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 89ms
66ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame E814 10 B
171 B 648ms
271ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HE6BQ2YAV99SD9FZ5NTBFY2K
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 01 Nov 2023 21:13:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 50ms
49ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 50ms
50ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame EE86 0
40 B 31ms
30ms Image
text/plain 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BDpWXg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame B234 0
54 B 703ms
303ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~log989lx&c=2563004335882&slotId=1281502167941&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 38ms
37ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 39ms
37ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AED1 0
0 76ms
76ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310250101&jk=3145105104274312&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame B1F2 31 KB
10 KB 98ms
30ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:22:19 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 24644
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 02 Nov 2023 14:22:19 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame B1F2
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

41ms
37ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13733
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86f%2F%2Bjg6Y%2FSoSxcbTM3gNoytzFYqEFn65%2BSyak9JpiDr80%2FddxXboOG6%2BjuaZa%2BySvBvVQVhebOTvHgfz4tdnA4RrkPgpOUqH3%2Fprp78X0ZFQqZP2JDICMKz9KObAOiVuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 81f723b988bb0de8-MXP

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD46 0
0 69ms
68ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310250101&jk=3145105104274312&bg=!3t2l3ZLNAAbo5yKYyOc7ADQBe5WfOGy-rQWB0C_alZVf3V-qTIYulMFwjfH4DKjl7uXaxFE1khoRk-ZB_GPj_LdLJyAsAgAAAF1SAAAACGgBBwoAgWNT8yxpDzyqXZp4NHievpUVExnakD4QA-o1Ag0WOnktxGnX5IUOlIVKFvQAq6SuGXuH8PNIjwipOW4_Kvv9YmpccgPs0A-YKFqbvGqBUSAoP5qvgigrnMsXs5Rrjt6SOrSRWxwRBhnNEqeOwnljWr7qfWmHyvHWVS_ckdWCh5KBu5kCysV0SCBqeTrUJanWLbE9Uyl9bWJ1W6Xni5UcD8ce14BPUOzx3OFA0Ww9glOvLUwiQmmebOj9zEOAIc7Mxr2Ls1XQRrgf1niaYCvakx2kydJYYHGHQzeH7Mgspmgb9L40muCXR4IjHjVXWoIdzDjYg8D3me_Q8cogfF1ehY6v_ho7zAwguqGybSFNs77nctUvpOfThrAd3JwoWHp7hlWnLi3M3kM-aG8kQJzRbapZrbdlQx3tsn1aFHvSwyBYRHc75fiWXu8X86t-BdIU5qnoaUdzE9w16JOJczr5EzBQjFQI97rmf3Q9rAM-hnHJhtlhgxyf6nhl6tpSPJO6QPP7rvS4lnG0NxCs78PeDyv5Mw6weOvl2AbC2TuUv-iYgTGXRE0u_tAcVtk46TIT9TVXaKJRo_SEfO1NetVXJcKLH-yNutezB8qehoyGIv9eay5qKHsowu6-OYjSx1i_s1sbImEwwIBEndg8xJy_CjPcXAsp_-XQctPXtdFEDBuIhQzmuA-8CjcV3i391XMvm5r3NHZE5t9mvCCFTQAnotAlzf555JxBy7RvwTEf-nTYbe_-wQmWqJmP6Qqhn46bhcov_zycwg33gU6pw9PR1TXvxpMwGmLJszR4f686k-hzr4VOw9E9D1yH8iCmHzkMmP5TIINGkAoSplhkKpEbBMddzw5UiXXrYT0s5KLudCVJO8xwNaBxDrru_mbUM5Srs1jaqwlU48j6WknrYj9W1Spef-Cl_tmXUs_ibROWu4ItkjvyiruJT3ttWcdM4xncsebQlmkLZGdSjmmmF3ckx47AN0nrQj8RyHFb2iYBNyntDL8EgeeSGKBKZxkcGURZR4dNxJd9uzg1yRnvhFy6-S1niHWFbr59XNHHMUwdh9eDrzBcVfqs7R8lyBy-tlkQkDqdM5DT88FOSjH3xbhpPRxHGmv44NkYCyyjjYCXRQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
789 B 96ms
95ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698873183815&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1565&pt=-23012706&tz=60&viewable=true&ddast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 655fbbc09d823c9ca7c19c2f16e86dc2d80fa99df138bba77d4633ad00e097b7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 01 Nov 2023 21:13:03 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1474
x-cache: MISS
x-served-by: cache-fra-eddf8230060-FRA
pragma: no-cache
server: nginx
x-timer: S1698873184.824038,VS0,VE33
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame B234 42 B
174 B 90ms
90ms Fetch
image/gif 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 bridge3.599.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 35F3 753 KB
242 KB 36ms
35ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 415464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247375
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 01:48:39 GMT
expires: Sun, 27 Oct 2024 01:48:39 GMT
last-modified: Fri, 27 Oct 2023 06:13:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BECE 40 KB
14 KB 77ms
76ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:47:46 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 196 KB
0 76ms
67ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 01 Nov 2023 21:13:03 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7482 42 B
174 B 99ms
99ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshJ9dHXkypTbUcuI8ZLr2SwKSOJ9DPYgcLD_KkiOkUs7-2cq9BscQHjmjs6DSKBbN8rSZbKeALO-VOGtYEhKaImkNwuZkctGw7ammPd-LIcEHspqRbhkyi2zWvTtrue02_c-elLkA8JQ&sig=Cg0ArKJSzBhV5dqeIjIdEAE&id=lidar2&mcvt=1090&p=60,236,157,964&mtos=1090,1090,1090,1090,1090&tos=1090,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698873181763&rpt=1072&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C677 42 B
108 B 120ms
120ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWVfdePTR3ZdIGgWWYt6ZC5Di4c3BYUGQNgveD2zLkrYlmFyGVS5FOrbPTN2qHiDni3EWqxZWdnJw3Pzzz7Ba9WThmiu7PNVmdIb6Usj9Nvx1Jcv-Oqm6fGmDwXgbSEQNxYW0u302VoQ&sig=Cg0ArKJSzBCTQj4DLWXlEAE&id=lidar2&mcvt=1094&p=1110,315,1207,1285&mtos=0,1094,1094,1094,1094&tos=0,1094,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=7&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698873181705&rpt=1115&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2040c092ff6f35a9b98a6bfd89dd43d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 516ms
82ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 221916
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 82ms
80ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 241583
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 86ms
86ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 1b17a82887e455309e6731f7be616a93f754e3266a1b7f5eef3a880828af3a02

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 01 Dec 2023 21:13:04 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 97FA 3 KB
2 KB 149ms
49ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 89
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 81f723b9190524be-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: Thu, 02 Nov 2023 01:13:04 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DAD5 52 KB
17 KB 156ms
39ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 40605
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 01 Nov 2023 21:13:04 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1928, 298915
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230074-FRA
X-Timer: S1698873184.201771,VS0,VE0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CB36 3 KB
1 KB 69ms
53ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1698873180588

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

a23-35-236-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

b19af048c389cd436a0eb0a118ab116e0fb4522828b7d0b95a3b920d50863463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1145
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C13B 24 KB
8 KB 235ms
111ms Document
text/html 23.35.236.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8515
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: Fri, 03 Nov 2023 21:13:04 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9B4E 281 B
554 B 59ms
47ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Nov 2023 21:13:04 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

pd Show response
adpushup-d.openx.net/w/1.0/ Frame 05DF
Redirect Chain

https://adpushup-d.openx.net/w/1.0/pd
https://adpushup-d.openx.net/w/1.0/pd?cc=1

653 B
751 B

61ms
58ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6f4f343654a3cdb524cbfe02cb257d08bb1c7e426de3745fc4d5633a0112b231

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 417
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT
location: https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 / Show response
csync.smilewanted.com/ Frame BF25 6 KB
2 KB 91ms
81ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81f723b8beeebae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame BC39 0
0 59ms
55ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Wed, 01 Nov 2023 21:13:03 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8F95 37 B
140 B 183ms
47ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 01 Nov 2023 21:13:04 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame FBA1 9 KB
4 KB 205ms
69ms Document
text/html 108.156.39.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.39.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-39-118.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 28344
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 01 Nov 2023 14:04:23 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)
x-amz-cf-id: UNKyPnnp16RmMeSYQCeM3-VaZg5CnpOMfLMRfkWLuyF460mqb2qo4Q==
x-amz-cf-pop: LHR50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 35F3 156 B
231 B 317ms
305ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=123756886322551&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F9Oyvonw2EIiYfGrkP1-ErQ%3A1698876780%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4CD1A47E-234D-4429-A5CC-BE556FA08941&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802463%2C44804618&top=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=1698873184134&cookie=ID%3Da343bd0b5e6d7283-222edf0c25e300cb%3AT%3D1698873180%3ART%3D1698873182%3AS%3DALNI_Mb1if7gDoe_QiPeU9_Bgnx23Ywxcg&gpic=UID%3D00000cb0fea885b2%3AT%3D1698873180%3ART%3D1698873180%3AS%3DALNI_Ma5ZUE6lXKAwnz1xxjyw6Ft0aSRiw&scor=4435721487017558&ged=ve4_td5_tt2_pd5_la5000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9B4E 41 KB
11 KB 47ms
47ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 04:17:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25386
Connection: keep-alive
Content-Length: 11104
Expires: Thu, 02 Nov 2023 04:16:10 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame CB36 43 B
442 B 40ms
37ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x8 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:04 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x8 config_version:"1369"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 01 Nov 2023 21:13:03 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame CB36 42 B
679 B 41ms
39ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=dww_mkQ0CzQ42PQlQTZnr9iWSDIesWJGqEHTkYZTlDw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame CB36 0
0 55ms
53ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame CB36 0
39 B 54ms
52ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:03 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame CB36
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

0
291 B

40ms
40ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame CB36 0
38 B 46ms
44ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CB36 70 B
148 B 64ms
63ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698873180588
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 0888
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
819 B

76ms
73ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d448eca26c5c00416a613812c76d3ff4595dc9d920eb786099c8cbc15ae27cbf

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 81f723ba5c2e0219-ZRH
content-encoding: br
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9PximUYKxnznHEHCC0lbdSaDLk%2FWsMICytebFGX1fR7J66nEHuOSI1PFLbCbE6gRJdGEqQiW%2FhEQ5vLFeSh8Y7F0tSwPylEUIP91Mhve3OXj5RVC3p2mvyyXcMYRX0qPYRHvgKmHetZiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 81f723b9cb0e0219-ZRH
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejN0CDwq22mWcOPeHRuh%2F5HZepP21BFMVYyuQQBR72i0cyiK9yqmx9r0e0cV3rV%2BwYMNpNggheeLPKwPiEqJ0voI2PsPZKiwgooDCg%2FYG8UH2ZH0%2Fs350qWm8P2CHgYZwnMBG8NQgD75WA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DAD5 0
596 B 36ms
33ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
an-x-request-uuid: 654a81e7-f19e-4273-aa3c-f3ffbac8db02
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 05DF
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UfG9xwWivJFK8bqXAfekkASivsxKprCRVPz77BoI

43 B
180 B

149ms
84ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UfG9xwWivJFK8bqXAfekkASivsxKprCRVPz77BoI
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UfG9xwWivJFK8bqXAfekkASivsxKprCRVPz77BoI
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 05DF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=182588496478409544

43 B
106 B

78ms
56ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=182588496478409544
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=182588496478409544
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 05DF 43 B
855 B 66ms
64ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=2a17173a-ffe1-87b7-b44e-ef35385488b9

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5SGAEAASTK88MZHVEFT9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 05DF 70 B
148 B 60ms
58ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=72c16b47-e34b-3c4d-7440-6da250674359&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 05DF 170 B
188 B 53ms
52ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWVhZWI4OGQtMmEzYy02MmU5LTYxYTAtMzcxYjlhODU4ZDM5

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 05DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPpEmAS69roWlS2lntGwvw&google_cver=1

43 B
106 B

95ms
84ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPpEmAS69roWlS2lntGwvw&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFPpEmAS69roWlS2lntGwvw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame BF25 48 KB
12 KB 63ms
42ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1691500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 81f723ba28b0bae8-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame DD0B 3 KB
1 KB 394ms
86ms Document
text/html 99.81.145.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.145.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-145-63.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d2dbe6ad4e31caa4435b4ec323c579104b13d4627bd2c4c55803904a6cc2b2d6

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 01 Nov 2023 21:13:04 GMT
etag: W/"0caaab8b79f9427245834bbf1c5aa6a2d"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DC7A 3 KB
1 KB 51ms
50ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ec2-54-76-136-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6fa0b4e0383c5e4d9dc54728cfcdafb3bf720954c51bbd0b035ae6cf17dc5ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1105
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 3C70 955 B
1022 B 311ms
70ms Document
text/html 89.149.192.196
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 9dfc5b688f2b38f5a7b2933db249b8c8b92a8c34bb0fa15665deaeba923a40df

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 955
content-type: text/html
date: Wed, 01 Nov 2023 21:13:03 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6157 2 KB
839 B 66ms
65ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ac2facaff31a665fc041fb30645fa5c170858a6bab2b7e617719270afb039b

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 81f723ba6c3b0219-ZRH
content-encoding: br
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtwiRmdd32QpUuh%2Fnv8DuLL4tcX0dNHDfEgH17QD9je27g8UpE%2BB9tYFdOfw5C3D95oMaz1Pfi5ahFiBdwAQlavS%2BsmvvmqUctvrqolNrOkUgK1cW1lgpbjLZczcxKcvACbX%2BzDNzBI8Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 658E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

87ms
82ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Nov 2023 21:13:04 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B0F4 15 KB
6 KB 331ms
65ms Document
text/html 23.213.168.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.168.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-168-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102561
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: Fri, 03 Nov 2023 01:42:25 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 4B8C 1 KB
1 KB 759ms
234ms Document
text/html 99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 4c4868f0518047eb98bac3a35c84bc442e2033dff12bb4f8c40b1c64b8a83dff

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-encoding: gzip
content-type: text/html
date: Wed, 01 Nov 2023 21:13:05 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id: o0YuG_nogImv3Ny56FtHYDa6Rr30cQYvmiuGToul-u6h_liU9Pxu-Q==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame FC18 0
160 B 336ms
60ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Wed, 01 Nov 2023 21:13:04 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 3F9A 557 B
1011 B 657ms
212ms Document
text/html 18.205.170.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.205.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-170-196.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: cb1aa9d9103431e2ab5c3237ce0206b7dcfd8a2aae6463ef8ead604df8d700ab

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=9082381977519593646

0
344 B

100ms
93ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=9082381977519593646
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
an-x-request-uuid: 5e11bbef-927e-4c65-a6e2-871a4ce714a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=9082381977519593646
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=Hld5tRZHua57zQTCS_662DaY

0
350 B

117ms
93ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=Hld5tRZHua57zQTCS_662DaY
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:04 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=Hld5tRZHua57zQTCS_662DaY
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame FBA1 0
277 B 209ms
85ms Image
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Nov 2023 21:13:04 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame FBA1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698873184588
https://ad.turn.com/r/cs?pid=45&rndcb=5414781017

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5133329528540586183

0
344 B

80ms
70ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5133329528540586183
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5133329528540586183
Date: Wed, 01 Nov 2023 21:13:04 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=780f92b3-7bcd-42e6-8492-8bc9323b2eba

0
356 B

91ms
89ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=780f92b3-7bcd-42e6-8492-8bc9323b2eba
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-71
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.servenobid.com/sync?pid=332&uid=780f92b3-7bcd-42e6-8492-8bc9323b2eba
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

100ms
90ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Wed, 01 Nov 2023 21:13:03 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

0
367 B

105ms
98ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

ztg897.gif
us.ck-ie.com/ Frame FBA1
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI...
https://ssp.disqus.com/match?bidder=18&buyeruid=780f92b3-7bcd-42e6-8492-8bc9323b2eba&r=Cid1YS1jZWIyMjIzNy1kN2E2LTMxYWMtYmI2OC00NGM4MzZkNTI3YjcQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1jZWIyMjIzNy1kN...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

0
367 B

104ms
97ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame FBA1 0
35 B 355ms
65ms Image
text/plain 35.157.200.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FBA1
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

80ms
71ms

Image
image/avif

34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 01 Nov 2023 21:13:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 01 Nov 2023 21:13:04 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B1F2 975 B
538 B 114ms
27ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2639
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9YEkdDu9oFxXhqTyGcI2bM%2F4bdz58687TMbiFH%2BPasPvWzvXY6jmJqvrXj1QhqF43tfi7oUrVk4SRDwQDOu6ZVG%2FS4l8pBs2Ef5pKGkFANszXMiO3FgA0RUjES2ikTo5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81f723badae60de8-MXP

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame B1F2 661 B
1 KB 590ms
223ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6113426828080917&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://adx.holmesmind.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: 132a2e82-afe1-3147-823d-310b47a4c838
x-adtype: html
connection: close
content-length: 661

GET

28292
i6.liadm.com/s/ Frame 0888
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f98f3832845a47308c26b259597af26f
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ

0
0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 0888
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_vpHHTmpb1Wlve4AIv9-g&google_cver=1

43 B
774 B

106ms
96ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_vpHHTmpb1Wlve4AIv9-g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74V%2FCEnFDSUyFZ113MsQYYSTKq%2FxHjlXAeytqyS%2FglCeNJ%2BafXqjw8zYxOLK3qUkgbK3SxTEvPSd6t0%2BQ8tgbK4eAsfXXWhiFUaTjqQ4KNA2UG8RHB5DQjNJc98hDHM6h4QprF6Piq%2B7bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bc1c630208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_vpHHTmpb1Wlve4AIv9-g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0888
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUK-YJeMT3hZvs28dQE4tQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1

43 B
735 B

91ms
86ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kePkXU7o6kTWXQs46akxuqGpW1neL5ArZYQqQGCVmEEKuUpbAlOMFTYl0aRL8XoxJ8RIcvkC4%2Fg%2BHf4EEKAor80NVsxl542OzN%2BmbRyfT8hlXZSiD12FYSrnLn57vTbt490jO%2BEGVU%2BYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bcccf60208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0888 70 B
148 B 82ms
82ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0888
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784

43 B
736 B

79ms
78ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuJDG3RRIHaap7WlhMpAavtX1WmQ3%2BquQx4l7CgVyOOZVDCUtLziZjx5lbvQK%2BJKK%2B3BYrA%2BH4Kug%2BCvFUB4VJ2xMvNL%2BMgeoOV%2F9tEtOo1snetEziVBMY0DGo9kMc72dtgKid4ooAp0Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bc3c880208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784
Date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0888
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pvZnrF-_W0NfTJ_nYYEzpVxorN4

43 B
736 B

337ms
336ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pvZnrF-_W0NfTJ_nYYEzpVxorN4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMGLNgRxsUhVbDHQG6Ll2ypZrs5Itn0GC0u6I684prLPAAawjUAwUPJd%2BLc%2B%2FYQSi9BP6uR41EH%2Fy831PW5enqQ1ul%2F6Zngh57FHaeHxRBuQvZFC0Ee%2Br6vDyaU9KnOzI0p7aoYJOPDfbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723c23a9a0208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=pvZnrF-_W0NfTJ_nYYEzpVxorN4
Date: Wed, 01 Nov 2023 21:13:05 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0888
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183

42 B
942 B

115ms
114ms

Image
image/gif

54.76.136.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-06c3dcdb2.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZfpIkYqfQvw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v053-02ec9fd29.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WO2DIHYzTXc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0888 43 B
855 B 154ms
154ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 09W04NQCE58CREE02B81
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 0888 43 B
229 B 118ms
70ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZUK-YJeMT3hZvs28dQE4tQAA%262183
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 66473
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81f723bbefbb24be-ZRH
content-length: 43
expires: Thu, 02 Nov 2023 21:13:04 GMT

GET

28292
i6.liadm.com/s/ Frame 6157
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUK-YJeMT3hZvs28dQE4tQAA%262183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=faab4fd88b5d437b80f25955c3cd3ca9
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0Fk46qtgJ9PKvLra9127h3f8wfwjEtW6cUFCfQ

0
0

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 6157
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9082381977519593646

43 B
479 B

112ms
98ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9082381977519593646
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeWQJQ7tneZQR4tDS%2FsQxKEWMXgPwg5f6ExMC1rv7%2FlZ8e7QoNN0fizLOIqsCrOrTyVnFarpFEv1sX6RtxKztPD%2BDhd2qKSydDrFAQ%2BJV7rqAAHk%2BwwlR3RTKPBz41Od1nuWPszK23JxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bbff830219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
an-x-request-uuid: 2447eb64-73d1-453a-841b-651aae1c29fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9082381977519593646
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6157 43 B
600 B 89ms
69ms Image
image/gif 34.247.198.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.198.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6157
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BDdonlBkacgfN2_OVDFxyVFka5UfYGXIATpYUy4e

43 B
732 B

90ms
89ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BDdonlBkacgfN2_OVDFxyVFka5UfYGXIATpYUy4e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UKuiaNDTIwSyfqsIMu9vb5Tjl90oN2YtZ1zN49sFbbAbt%2F9B2c%2BMtQD8shqd8fUnRx4e6XWNQVepsVdUR6x7euVVL84P6Hio6ez%2FmPLub976TxyvvTPqquz066dw4o2uLQHSn%2BEQCRIyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bc4c8b0208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BDdonlBkacgfN2_OVDFxyVFka5UfYGXIATpYUy4e
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6157
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784

43 B
730 B

91ms
86ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6mwClMlitzXhjOnSdFwn4VH1gCCby5Fiv7u9ALjOLlkSjSrsb6EO0Ate805siLcVnHp5aHgzPVIDjmCoPQix%2FGNT7I6z4V8PrhkRy2e%2BmT1jwdFSMN0SUVda7flyNBe0OoZUVHGjy5A5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bcccf30208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHxX07KhX8AABmFZFEu2g&expiration=1700082784
Date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6157
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUK-YJeMT3hZvs28dQE4tQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1

43 B
733 B

81ms
81ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1VQXt5IQ84C2dJB6VoZs8KonIMs66nZzvKwdcQyTeFupDlb5BNowZ2%2BmdDQel7%2BEAgLlb48%2FGyhTOVe43vCQFvru%2BzULKnYgn8s8y9Li9Kktuc8XNPB33BaR86MAjdGxZ8uWwykvt2hjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bcccfd0208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJg76IifQXjv19Ah7cMM3hU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6157
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=KaZd63skxb0GtgvTj00K&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1

43 B
733 B

84ms
84ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=KaZd63skxb0GtgvTj00K&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIebhAQpGyoVAm4G40cha%2B6%2BXINHjw9EXa8lpaNJNpU%2FIKUFQwavC9rr8H9S1AueJQAGI7T40lqtnJeNXrz%2BSKIdONbVA12sRU1woNKj1ShYeQD2cbP7RPsu8clB6oaaC3EqQPYQ%2Fn2NyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f723bd9dcd0208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=KaZd63skxb0GtgvTj00K&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUK-YJeMT3hZvs28dQE4tQAA%262183&tc=1
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT, Wed, 01 Nov 2023 21:13:04 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6157
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB

43 B
600 B

65ms
64ms

Image
image/gif

34.247.198.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Server

34.247.198.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
ads.servenobid.com/ Frame 6157 0
356 B 150ms
133ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZUK_YJeMT3hZvs28dQE4tQAACIcAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 35F3 0
54 B 323ms
321ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~log98a9r&c=2563004335882&slotId=1281502167941&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame DC7A 43 B
442 B 63ms
62ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:04 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 01 Nov 2023 21:13:03 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame DC7A 42 B
679 B 71ms
70ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KaGJ9_yACbqN3m0_p3KfNAZWoF29ujQOV0aj2AXTBEQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 400 711916.gif
id.rlcdn.com/ Frame DC7A 0
0 97ms
97ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame DC7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

0
291 B

50ms
49ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DC7A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

0
291 B

65ms
54ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-Xn3.xrBE2uHQxo2FRgtzP62xLKd.sTEuxpRXc9g-~A
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DC7A 70 B
148 B 90ms
90ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
ads.servenobid.com/ Frame DC7A 0
365 B 91ms
91ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=KaGJ9_yACbqN3m0_p3KfNAZWoF29ujQOV0aj2AXTBEQ
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 658E 41 KB
11 KB 69ms
67ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 04:17:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25386
Connection: keep-alive
Content-Length: 11104
Expires: Thu, 02 Nov 2023 04:16:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C2F4 16 KB
12 KB 102ms
101ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231031&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e7a899ca4ef135885e8dff9bc2a019f814e7c89a89582c3fe3b99bcc4d40730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12084
x-xss-protection: 0

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 9EE3 0
330 B 62ms
61ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81f723bc6ba4bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync
ads.servenobid.com/ Frame 3C70 0
344 B 77ms
69ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6039177356785482220&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C70
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzOTE3NzM1Njc4NTQ4MjIyMA==&gdpr=0&gdpr_consent=

170 B
188 B

628ms
628ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzOTE3NzM1Njc4NTQ4MjIyMA==&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjAzOTE3NzM1Njc4NTQ4MjIyMA==&gdpr=0&gdpr_consent=
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3C70
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8c8d287969ac5457d0d9aec40fb53c9f&gdpr=0&gdpr_consent=0

43 B
422 B

283ms
162ms

Image
image/gif

185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8c8d287969ac5457d0d9aec40fb53c9f&gdpr=0&gdpr_consent=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8c8d287969ac5457d0d9aec40fb53c9f&gdpr=0&gdpr_consent=0
x-kong-upstream-latency: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3C70
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7296604765358127262&gdpr=0&gdpr_consent=

43 B
408 B

267ms
224ms

Image
image/gif

185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7296604765358127262&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7296604765358127262&gdpr=0&gdpr_consent=
Date: Wed, 01 Nov 2023 21:13:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3C70
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=182588496478409544&gdpr=0&gdpr_consent=

43 B
407 B

207ms
75ms

Image
image/gif

185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=182588496478409544&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=182588496478409544&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C586 3 KB
1 KB 57ms
53ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

1a451b4119df2ee0d8a03decd059b87e4603562713750de55d15e680015d8396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1124
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A034 0
0 76ms
74ms Document
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Wed, 01 Nov 2023 21:13:04 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=9082381977519593646

35 B
250 B

604ms
277ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=9082381977519593646
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
an-x-request-uuid: 6f3232c8-f6e3-49e5-9bec-392521c1d1af
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=9082381977519593646
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

getuid
ads.avct.cloud/ Frame DD0B
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8deb4f18-f5e8-4f66-a3a5-161204b4f137&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=85fccf37-cb5e-041b-133b-7d4f9837421f

35 B
250 B

590ms
316ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=85fccf37-cb5e-041b-133b-7d4f9837421f
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=85fccf37-cb5e-041b-133b-7d4f9837421f
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-a6f667ac-5fbf-5b43-5f4c-9fe7618133a5$ip$92.104.172.222

35 B
250 B

324ms
110ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-a6f667ac-5fbf-5b43-5f4c-9fe7618133a5$ip$92.104.172.222
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-a6f667ac-5fbf-5b43-5f4c-9fe7618133a5$ip$92.104.172.222
Date: Wed, 01 Nov 2023 21:13:05 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-ADR8rlpE2pfew1iIlZgAzFAGO.KaUEgWROYs~A

35 B
250 B

591ms
316ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-ADR8rlpE2pfew1iIlZgAzFAGO.KaUEgWROYs~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-ADR8rlpE2pfew1iIlZgAzFAGO.KaUEgWROYs~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed

35 B
250 B

528ms
298ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=ffb3b8e8-4d20-40b6-8ba5-9286a4c60aed
Date: Wed, 01 Nov 2023 21:13:04 GMT
Connection: keep-alive
X-CI-RTID: 277bd26a-3f42-45f0-9288-ee57f70d0fab
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame DD0B 0
44 B 698ms
340ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-length: 0
server: a

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame DD0B 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=1NL9r9xtqS3E&ev=1&pid=558355

35 B
250 B

655ms
99ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=1NL9r9xtqS3E&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
location: https://usersync.gumgum.com/usersync?b=pln&i=1NL9r9xtqS3E&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-59d47cf7f8-xtv4s
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame DD0B
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=6039177356785482220

35 B
250 B

600ms
302ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=6039177356785482220
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=6039177356785482220
date: Wed, 01 Nov 2023 21:13:04 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame DD0B 0
358 B 74ms
72ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_8deb4f18-f5e8-4f66-a3a5-161204b4f137
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 658E 7 B
766 B 61ms
59ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LOG987LT-25-I9YM
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B0F4 5 KB
6 KB 234ms
82ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55529245&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 5f799d7e03e65ecbc377dc093b53b8563c20cfa038a89db00d07a223933974df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C2F4 17 KB
6 KB 60ms
59ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:13:04 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 775D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=182588496478409544&gdpr=0&gdpr_consent=

35 B
208 B

123ms
90ms

Document
image/gif

99.81.145.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=182588496478409544&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.145.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-145-63.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Wed, 01 Nov 2023 21:13:05 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=182588496478409544&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame DAA5 170 B
188 B 149ms
87ms Document
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84ZGViNGYxOC1mNWU4LTRmNjYtYTNhNS0xNjEyMDRiNGYxMzc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 98D5 15 KB
6 KB 46ms
46ms Document
text/html 23.213.168.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.168.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-168-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102561
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 01 Nov 2023 21:13:04 GMT
expires: Fri, 03 Nov 2023 01:42:25 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame B685 70 B
148 B 89ms
86ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7F38
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZUK-YcCo8YkAADt0qSEAAAAA

35 B
250 B

53ms
53ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZUK-YcCo8YkAADt0qSEAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 01 Nov 2023 21:13:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Nov 2023 21:13:05 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZUK-YcCo8YkAADt0qSEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad4.dc4p.scaleout.jp
X-SO-IP: 92.104.172.222
X-SO-Key: ZUK-YcCo8YkAADt0qSEAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"92.104.172.222","key":"ZUK-YcCo8YkAADt0qSEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad4"}
X-SO-LB-Hostname: m-tgng37.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad4

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1D0E
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=KaZd63skxb0GtgvTj00K&pi=gumgum

35 B
250 B

208ms
140ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=KaZd63skxb0GtgvTj00K&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 01 Nov 2023 21:13:05 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT Wed, 01 Nov 2023 21:13:04 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=KaZd63skxb0GtgvTj00K&pi=gumgum
pragma: no-cache

GET
H2

200

/ Show response
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 7AE9
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=faeccde1-0d8d-4947-8120-1zz1698873170
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=0&gdpr_consent=&us_ps=

95 B
377 B

123ms
73ms

Document
image/png

162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=0&gdpr_consent=&us_ps=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/png
date: Wed, 01 Nov 2023 21:12:50 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 01 Nov 2023 21:13:05 GMT
location: //sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f4de2ab1-a5e2-45c4-90ef-1a36238efbfd&gdpr=0&gdpr_consent=&us_ps=

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 264F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

77ms
76ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Nov 2023 21:13:04 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 01 Nov 2023 21:13:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET

cs
ad.turn.com/r/ Frame 1A0E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://ad.turn.com/r/cs?pid=45&rndcb=3974510677

0
0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame C586 43 B
443 B 72ms
51ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x14 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:04 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x14 config_version:"1369"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 01 Nov 2023 21:13:03 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C586 70 B
148 B 106ms
84ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C586 42 B
679 B 79ms
59ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=DgOPxe1ixOJlym25KIkvzd02GXV007zhNXCG62ra5g4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 400 711916.gif
id.rlcdn.com/ Frame C586 0
0 169ms
151ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame C586
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

0
291 B

247ms
246ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJa9bXLY8XGTjphsPOA-XnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame C586 0
15 B 86ms
75ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 DgOPxe1ixOJlym25KIkvzd02GXV007zhNXCG62ra5g4&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame C586 0
405 B 104ms
98ms Image
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/DgOPxe1ixOJlym25KIkvzd02GXV007zhNXCG62ra5g4&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 81f723bdfd89bae8-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 658E 0
0

GET match
ads.betweendigital.com/ Frame CFFE 0
0

GET smwt256.gif
us.ck-ie.com/ Frame 16C6 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C9F 13 KB
5 KB 134ms
131ms Document
text/html 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EDB 829 B
790 B 148ms
147ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

90219a55f44ccd66bb0dc006ca548ed8fe760d32bdd1c194eef9667a55111046

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJBcG-w-cqcGnEAn0h6Cyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cJBcG-w-cqcGnEAn0h6Cyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:05 GMT
expires: Wed, 01 Nov 2023 21:13:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

182588496478409544 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D000
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/182588496478409544

0
505 B

126ms
77ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/182588496478409544
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81f723c37d47bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Wed, 01 Nov 2023 21:13:05 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/182588496478409544
server: nginx

GET 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 0
0

GET redirect
ssp-sync.criteo.com/user-sync/ Frame 8F75 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 264F 41 KB
11 KB 124ms
122ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6aad608c392bc7481be6731e6c486c32916ec8070612373d0628247c1545f5f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 21:13:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 04:17:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25385
Connection: keep-alive
Content-Length: 11104
Expires: Thu, 02 Nov 2023 04:16:10 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 0FC6
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 1885 43 B
855 B 243ms
235ms Document
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=89A4A698-824C-4646-A410-B372E6C90C9F&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 01 Nov 2023 21:13:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 48R6FA86RW3RV9M0RCTH

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B3F7
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=olnxhfYK8NO5WfbV8l_o0vcK8o65DvzTp1TPlIYQ

42 B
416 B

132ms
131ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=olnxhfYK8NO5WfbV8l_o0vcK8o65DvzTp1TPlIYQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 01 Nov 2023 21:13:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 01 Nov 2023 21:13:05 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=olnxhfYK8NO5WfbV8l_o0vcK8o65DvzTp1TPlIYQ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A2F5
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9082381977519593646&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 7822
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296604765358127262&gdpr=0&gdpr_consent=

0
0

GET

pull
ws.rqtrk.eu/ Frame 7161
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame B455
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pvZnrF-_W0NfTJ_nYYEzpVxorN4&gdpr=0&gdpr_consent=

0
0

GET /
csync.loopme.me/ Frame 96FB 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame CE91 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7139
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIeFgwN0toWDhBQUJtRlpGRXUyZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAHxX07KhX8AABmFZFEu2g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6039177356785482220&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAHxX07KhX8AABmFZFEu2g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6039177356785482220%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6039177356785482220&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHxX07...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHxX07KhX8AABmFZFEu2g&gdpr=0&gdpr_consent=

42 B
279 B

61ms
60ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHxX07KhX8AABmFZFEu2g&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 01 Nov 2023 21:13:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Nov 2023 21:13:06 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHxX07KhX8AABmFZFEu2g&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET sync
t.adx.opera.com/pub/ Frame 8074 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BC55
Redirect Chain

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

0
0

GET bridge
cm.adgrx.com/ Frame F10A 0
0

GET cm
ipac.ctnsnet.com/int/ Frame A581 0
0

GET pubmatic
d5p.de17a.com/getuid/ Frame 953C 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3657
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528540586183

42 B
292 B

133ms
132ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528540586183
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 01 Nov 2023 21:13:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 01 Nov 2023 21:13:05 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528540586183
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET cookiesync
core.iprom.net/ Frame 74E8 0
0

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1007 0
0

GET i.match
a.tribalfusion.com/ Frame 0188 0
0

GET cm
green.erne.co/pubmatic/ Frame 253C 0
0

GET
H2 200 sync Show response
ads.servenobid.com/ Frame C867 0
357 B 323ms
318ms Document
text/html 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=89A4A698-824C-4646-A410-B372E6C90C9F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Wed, 01 Nov 2023 21:13:05 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B0F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iaSmmIJMRkakELNy5skMnw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

99ms
49ms

Image
text/html

23.213.168.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 23.213.168.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-168-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=102560
accept-ranges: bytes
content-length: 5606
expires: Fri, 03 Nov 2023 01:42:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET qmap
sync.crwdcntrl.net/ Frame B0F4 0
0

GET cr
cr.frontend.weborama.fr/ Frame B0F4 0
0

GET match
a.audrte.com/ Frame B0F4 0
0

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame B0F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOdI8s4omdvIFzHFt5tLKBQ&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=89A4A698-824C-4646-A410-B372E6C90C9F

0
321 B

119ms
119ms

Image
application/javascript

18.205.170.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=89A4A698-824C-4646-A410-B372E6C90C9F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 18.205.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-170-196.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://ads.pubmatic.com/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=89A4A698-824C-4646-A410-B372E6C90C9F
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET pubmatic
um.simpli.fi/ Frame B0F4 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame B0F4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=182588496478409544

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B0F4 70 B
148 B 322ms
315ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 89A4A698-824C-4646-A410-B372E6C90C9F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B0F4 43 B
600 B 324ms
317ms Image
image/gif 34.247.198.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/89A4A698-824C-4646-A410-B372E6C90C9F?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.198.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

SPug
image4.pubmatic.com/AdServer/ Frame B0F4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A4A698-824C-4646-A410-B372E6C90C9F&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d9dlszBE2uWS1CTNjwBTuGhUS9cysPs-~A&gdpr=0

0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame B0F4 0
0

GET cs
ad.turn.com/r/ Frame B0F4 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame B0F4 0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame B0F4 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8D8E 95 KB
29 KB 330ms
327ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551793374462912e77bf4747a2b082fda6abfaca05b4fc29fe075f65110adeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29854
x-xss-protection: 0
server: cafe
etag: 360 / 19662 / 31079209 / config-hash: 12744499585952903359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:05 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 3F9A 0
34 B 305ms
302ms Image
text/plain 35.157.200.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT

GET

cs
cs.yellowblue.io/ Frame 3F9A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=ebc85f533c9d632183c577ab35615af&gdpr_consent=&gdpr=0

0
0

GET

apn
ads.playground.xyz/usersync/ Frame 3F9A
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 3F9A 0
340 B 313ms
312ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=1dWk0nazkj_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET getuid
cookiesync.api.bliink.io/ Frame 3C41 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 35F3 0
54 B 400ms
398ms Ping
image/gif 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~log98aoe&c=2563004335882&slotId=1281502167941&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44802463%2C44804618
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ebc85f533c9d632183c577ab35615af Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8F56
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ebc85f533c9d632183c577ab35615af?gdpr_consent=&gdpr=0

0
483 B

117ms
104ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ebc85f533c9d632183c577ab35615af?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81f723c26bcdbae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 21:13:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Nov 2023 21:13:05 GMT
Expires: Wed, 01 Nov 2023 21:13:05 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ebc85f533c9d632183c577ab35615af?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1698873185496000-599

GET
H2 204 /
onetag-sys.com/usync/ 0
287 B 280ms
280ms Image
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4B8C 0
277 B 276ms
272ms Image
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Nov 2023 21:13:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 4B8C
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=eb988943-9cd9-0319-0cd8-74551064c9bc

0
486 B

188ms
172ms

Image
application/javascript

99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=eb988943-9cd9-0319-0cd8-74551064c9bc
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: E2F_lmbLTZdh3aXgMpLVO3TNxO71pF4xKCZVGrn79ETgdJiWY8o8ZA==

Redirect headers

date: Wed, 01 Nov 2023 21:13:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=eb988943-9cd9-0319-0cd8-74551064c9bc
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 4B8C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUK-YJeMT3hZvs28dQE4tQAA%262183

0
484 B

136ms
130ms

Image
application/javascript

99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUK-YJeMT3hZvs28dQE4tQAA%262183
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: gLzpLAEr1pvv4mviHmrGaVZ2mLCOopiQBn9W06cp91ilcr34UHMC-Q==

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbYSu9NjYdbpp5ZhfNkb3cYgsG9874rQIhRSi%2FvEhj7MFmZ7PhEURWoxX2vBz4CBTpJrxBtsUkYdP7zUNhYY4MLuHwa5PwG2aX06NdPpdfzs7VMoKfh2Sa%2FarfrWIqnqA92Z0cSQPNVkRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUK-YJeMT3hZvs28dQE4tQAA%262183
cache-control: no-cache
cf-ray: 81f723c028740208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 4B8C
Redirect Chain

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1691545596467370771006

0
486 B

181ms
169ms

Image
application/javascript

99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1691545596467370771006
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: jlETdXl3Fw1FfngtrtLLqZwTcYmq9CO9n6NvdWSP61BwPenvKEYUpQ==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1691545596467370771006
date: Wed, 01 Nov 2023 21:13:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET

apn
ads.playground.xyz/usersync/ Frame 4B8C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

0
0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 4B8C
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8c8d287969ac5457d0d9aec40fb53c9f

0
484 B

196ms
180ms

Image
application/javascript

99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8c8d287969ac5457d0d9aec40fb53c9f
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: 1z7EWvce7FlxKR7d8czCvKz_5cKDMg6JYahXegIn46FeW11GoPLHAg==

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8c8d287969ac5457d0d9aec40fb53c9f
x-kong-upstream-latency: 7
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 4B8C
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

0
532 B

195ms
175ms

Image
application/javascript

99.86.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-42.fra6.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA6-C1
x-reason: missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: 5AY5Fngvd7V17mgP7MMZYPM5rOYEmePtHr-Oh1pLzWv2p0pwE1ZZnQ==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date: Wed, 01 Nov 2023 21:13:04 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 4B8C 0
341 B 247ms
243ms Image
image/avif 34.253.50.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=Oeikjctzkp_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.50.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-50-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:05 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 264F 7 B
766 B 308ms
307ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LOG987LT-25-I9YM
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C9F 38 KB
15 KB 287ms
286ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EDB 0
0 285ms
283ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231031&jk=3200311473196975&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DAD5 0
596 B 223ms
222ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:05 GMT
an-x-request-uuid: 8e3b706a-ab3c-4cd1-abfb-2e38aa68f7cc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ Frame 8D8E 420 KB
132 KB 146ms
67ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:12:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25232
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135100
x-xss-protection: 0
server: cafe
etag: 11278338207436733902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 14:12:33 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 264F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOG987LT-25-I9YM
https://usersync.gumgum.com/usersync?b=mag&i=LOG987LT-25-I9YM

35 B
250 B

135ms
129ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LOG987LT-25-I9YM
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 01 Nov 2023 21:13:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LOG987LT-25-I9YM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/ 3 MB
0 146ms
43ms Media
video/mp4 190.2.150.144
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9Oyvonw2EIiYfGrkP1-ErQ:1698876780/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-144.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=262144-

Response headers

Date: Wed, 01 Nov 2023 21:13:06 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 262144-16900083/16900084
Connection: keep-alive
Content-Length: 16637940

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8D8E 27 KB
12 KB 92ms
91ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1766263811015898&correlator=2191193252818226&eid=31079304%2C31079209&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1698873186131&lmt=1698873186&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=y5rr3m8ndtfb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMd2M8tpEhRlpFhDARwa-TNzYPPEXUY_9pmr803KPmwFe5r9Tg6ontIrju-WOuu1F_qL84NMkc2pNbOeRdTrezCK9q9PmpFHkeypEsnOAFTKd4moqm4lRl8gY9xPmevbSHVvf3t_B9K1upcS5VndjlYvsqERL0segkS02AOg5LP3NQL_2yWQsXNWsIoSL58IMx-Uve9H2-iiIqg2A&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1893846399.1698873186&ga_sid=1698873186&ga_hid=999150679&ga_fc=false&dlt=1698873184397&idt=1519&adks=1911528252&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8167c70ad7b6eb9fe004da295945e5e8b6dd4f894b12e292afc2124db0219ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12160
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D8E 16 KB
12 KB 95ms
95ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc03eda92086f84b745badcf4042a872fcac5a7d659b7ccaa584a9d2a6aec593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12122
x-xss-protection: 0

GET
H2 200 container.html
dcefcb4439009aee971dff8ea1643bf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3F5 6 KB
0 79ms
48ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcefcb4439009aee971dff8ea1643bf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:06 GMT
expires: Thu, 31 Oct 2024 21:13:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5C9F 0
38 B 38ms
38ms Image
text/plain 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?--vh6Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1BD2 0
0 149ms
148ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKO1VY711bh23XdutpZDgqjRO1zJdcTpB2gWQy90eM4wTUvR9iB9QKpXtjj1oyPvld0vabqKi8Wc18zxTwBMlQfoDSndE0QjY6BXxIZirrxoGDXVauZAULO37OvOfhLYni_l0ydYOVEK6lTA5R8lgh4F71eLcZCTnoEM-sVlKDwWgkSXNjinCWbrkmnQ2qH7IuXQWnh4bxUfzfvOf63-Vctu9tdW8vBsJtZh1f61GB3DRNWZygRRcgkd-EUgJ3e-TfDQoCfhGduXShAjMXikSJODkzw7jyCtUV6yWt9D-hiYFVSn6KMZUjljIq1cNyvQM1P1MqrNBdHC8p&sai=AMfl-YSDYbL1lD4dwpS-G9TuHOfWVXFM3M-L8SoVFIJ-pEAWAkeKrLNYFeX6oBRDb3UooEpxdScU5x2AOTN5mgiLxRnldi9tgLwu8CD6gQ&sig=Cg0ArKJSzEqiqx4Gq17LEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 1BD2 31 KB
10 KB 88ms
87ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:22:19 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 24647
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 02 Nov 2023 14:22:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BD2 188 KB
59 KB 104ms
103ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:13:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D8E 17 KB
6 KB 118ms
117ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:13:06 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E7B9 13 KB
5 KB 302ms
299ms Document
text/html 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E85 829 B
792 B 184ms
176ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

96caeb512ce1c4344b0b5639b6b86baa6e24791c6d6d2036961dd30a5a7e3418

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8m1inSvXDDcsNGjpEVn0Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8m1inSvXDDcsNGjpEVn0Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 21:13:06 GMT
expires: Wed, 01 Nov 2023 21:13:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET native.js
s.yimg.com/dy/ads/ Frame 1BD2 0
0

GET
DATA 200
OK truncated
/ Frame 1BD2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a267f9585369dffe56437a66be048e237bf9dea4b2ee91c379b6d886c8f8d1a3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E85 0
0 292ms
291ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310250101&jk=1766263811015898&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B9 38 KB
15 KB 281ms
280ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
787 B 474ms
448ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698873186784&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1565&pt=-23012706&tz=60&viewable=true&ddast=V8CCoCLAY4QFO35mzkFRBwgKZuzdnIKygAAABgYID-AAmNXLbhamJzC2cuy1o0MZnWCttmtxatLIPNxmUcWUYuIyChkcs2XE1sbuHMZVmLJibTWmHb7NailWWw2biMI8vIZQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ7aDodPte9Xvf73SU-z1zj9yv8ksXm9XTLXXa32uV0a10Pu88tfNrd0ofd51Y73BKnW_N0a55uscPvVrveIodbc3S95Q67W_l3vSWut-bocoscTrfW9bC7ta6H3eeWOl1u0cMtHKzWfrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQDPHB7e4rL8nmaDxOU0SF8_fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjSHEPUkQkrhAPkYLPIowAAAAAcKGxeh-ZpBNULKr8___3WwG4AgAQsMi4y9efRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjyZmmmCEFDs1fwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78ekBotN7vBYDWabUyuzWZmsyxMC8PCthqMZobJcOY9zL5oeUM8U7N9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYHC0Gi48LptbuTJZ3KKJx7IWzpy7tcQ0mc1cltVkOHGuRa-P6ePZmEYjixcJBgTuRfK0SCcS02S3XDiXu8VkZDJsbIbZYDHZ7HYLx3K32Q1nFrFEc7JIJ7LLvjVabnaDwWo025hcm83MZlmYFoaFbTUYzQyT4cxfHK2GC4_L5lauTBa3aOKxrIUz524tMU1mM5dlNRlOnGvR62P6eDam0cjib8yWw-Fus9gt943ZcjjcbRa75b5DZ_iuPmejsqySfHyaabfyldacBoXLYPG-1KfzsGAsqKedo9OnXCyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wSxab19Mtd9ndapfTrXU97D638Gl3Sx92n1vtcEucbs3TrXm6xQ6_W-16ixxuzdH1ljvsbuXf9Za43pqjyy1yON1a18Pu1roedp9b6nS5RQ-3cLBa--1C09tsEUsEp4t0InoZTxf1HznkZK4YjOaK3WQumUxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAAAo1thjDfAwux2ml1vi82z8VgYgwZzHbLPPCGKtVssaAACAADYAAIAAbrrxJqA9ivv___8fBwAAQEYOPQAAAPp9QFgOuFHrhR_8CmKzWaz2D0CFWKvV6nZjrVYroIHMJrPFZgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=AdUnit2ESM_vA!adxImdtStrt4-out_vA!adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0ccc0e1e44a7637e53732433196c3467d43fde78a2b7892d8fb41ee30a6d2621

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:07 GMT
content-encoding: gzip
server: nginx
machineid: 1455
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C2F4 0
0 421ms
421ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231031&jk=3200311473196975&bg=!GRqlGlXNAAbo5yKYyOc7ADQBe5WfOCyAkK_JH7_4zaIpSbE0eJPHRIz2u32rR1SALXebf2EuupvnROflxszetUqnPYKEAgAAApBSAAAACWgBB5kC2fLiui_qAelI9ISNg_8W2QEH1INVki8YJ11BOOTEL148JSqwqbEqwza8I2JOrmgQCPFDMlVLp74nbG4Qgudy126RGdrs05WYtymoHf6rpINNhLGNGQQnYC90KjCloIvF3Ier46ezk8yTr2rW9D9yBg4p-YOdGduY9zRXGy-MhY-l-L-oEqdoZqk3dxXrAanE2a0StTXfzOp_9xx2hVxOCHvQLSuhBEwhkM3_98_aDKcJkkaoFIi4PG6niyo97h_32N0DTawLJXEATaT16U1melEpy8I0O5CMWsLYScD2wmoOdJqrkz3duG7mauOq1NlcShhvjVhbSsDHSBJBPwSLZZkkXgIefQGoioCY0cEKKaZXKST2Pl5zV9dg9Dl_JIcYhBWt7T_a6Ftr_HaZOSx7DbpWdlZ5Ja_7QFlqHE8ycB4s0AbpR1muFRy6409mE5v3nOCS-pr7-RsYpPNbNFK8zNkXYFr5EEX0j2gbSEaU7mlv56UDSDc1wrO9PqPk-ZWtMkDQ1Lb0-gZYpxiZuA13-z0W5oRaJOkwCIZ54IW81vZToTwc3LCts9WHImdYxcEtrGMtnkTFKtf4EsextivZcLRQ49f3tIImXleVM6AyuIiwEtN5zGqsFMPdB1OCiLCS3urw92nNUzTk8_vnx0gYminOJHi38_FIZlonu7jjZz7QYnCiGGtHG6nxbo68SxHnIPwbVeUzgmQdkjHwz_LzTxB7Zr2ABB1-wGWIV6JmE9OvsrRUU-u7nyIQ2wurEiIrFik8aYZ6fsXCIYLl3pble_Y2LSnQA_sVBGUyIlCVMr7s8sFrcOkGkwy7eEnE8fMTT4sR4XbENwQgiACLG2yAC3YExB3ZP4NA3JrqfaY0jpu7MtLW7QuUlI0wPx0JAcDBwseOivC62b7PAtInEUYb-y5YN36YgOZvmgYEov_CwZehkNv54sZsqNfqrRNsVC5a07xxaLPKkk1Ekg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 417ms
417ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3au1v886690812&_p=757108493&gcd=11l1l1l1l1&cid=990439440.1698873180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698873181&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F21sui-nen-mei-kuang-xin-zang-ma-bi-si-si-lao-mu-da-shu-nan-you-bu-she-dai-kuan-kuang-jie-ta-805mo.html&dt=21%E6%AD%B2%E5%AB%A9%E5%A6%B9%E8%AA%86%E3%80%8C%E5%BF%83%E8%87%9F%E9%BA%BB%E7%97%B9%E8%B3%9C%E6%AD%BB%E8%80%81%E6%AF%8D%E3%80%8D%E3%80%80%E5%A4%A7%E5%8F%94%E7%94%B7%E5%8F%8B%E4%B8%8D%E6%8D%A8%E8%B2%B8%E6%AC%BE%E7%8B%82%E5%80%9F%E5%A5%B9805%E8%90%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 21:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B0F4 0
260 B 893ms
310ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:13:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1BD2 0
0 338ms
338ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEnPswexkWyXjsV-AB8Hh8Sc2pudRsrGHlVmMUzhVGXyESD5EcLdj3X_JwTUCsoTtJ3GBUF_wbD0Qc7BJfWjg568NWoNVS6pVFkVnjU9enbz9BsRZtkRtuWj138_ggcVVqYM4I1-2GTxXC3qzlQIQIJeEsJkD4kE67lzAHAW6nlzFPsxvjywiOGFXd9cm6fCepVfn9pybOELKBg_yLngzSS20LDBvWp9rytq6B1JtCRsiYygOUivRakvKRKQrIIbgv-t_2M9Prtcs6177UC8ZN7C_gFUn0ECV83DQuSZM5_S169zxxLEk4z64PdRETWDcWpZVYRGyoYU4UZkk&sai=AMfl-YSq3aTT_GvL_vOsGE0skGfFuDzn15NQIkT1OgnJfIR2zTUkbCBP-TdmY7MCclfUrAMCPQFs-PTZhJJnu_XmYOnH_wAmJhgolpR1kQ&sig=Cg0ArKJSzK-UEPRhopKXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS