www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://seniorliving-ch.com/
Title: Seniorenwohnen | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=aab0658f38cc048761e9afb5235afcf9&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~2735551663084074937~~wjeDEpQeGL5EwzqLMsXuGjYxYsPnomnlRcQdA6YpEWpw6cLzOYgYTH58zK8cIqqSkVNSC6iaJPmSgK6YU1G_ng3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7b2un-gnMm0vPcGYOKfZiJdk2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=ef309d2658930790e401e2d84cfd0a70b5f6c24b04c2&redir=https%3A%2F%2Fseniorliving-ch.com%3Fsub1%3D26913272---delimjuwe---3723453593%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDipl8o8rmUyK7j1b-qAQ%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DNeue%2BSeniorenwohnungen%2Bin%2Bder%2BN%25C3%25A4he%2BPrilly%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDipl8o8rmUyK7j1b-qAQ&vi=1696611594773&p=ajaskagmbh-search-sedo-seniorliving-sc&r=68&tvi48=10637&tvi50=9058&lti=deflated&ppb=CIEE&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Jetzt Suchen

URL: https://personalloan-ch.space/
Title: Privatkredite | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=aab0658f38cc048761e9afb5235afcf9&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~-8136998546525982530~~wi-vsQpY3-ckZhZh7LUUD8IrXnDh-nayQdxNoQOo3bznoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwV16VlaXMAKuRVCs2qQLMgewhyyZ25FMGgYmmhTyDzyx-bJmxir0v0eIKoPiwFtf8I8XwLbI--WZuj80gUuMjcmANYc8yTOOd3sdxsWboO530o8HUYz7pKhuTnvJXvMOdg&pt=text&li=rbox-t2v&sig=4f526816e3d79989ebae0d8ce3fbe69206c0b42e9d18&redir=https%3A%2F%2Fpersonalloan-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DPrivatkredite%253A%2BFinden%2BSie%2Bden%2Brichtigen%2BKredit%2Bf%25C3%25BCr%2BIhre%2BBed%25C3%25BCrfnisse%26sub1%3D28197589%26sub2%3Dpalmate-bg3co%26sub3%3D2023-10-06%2B16%253A59%253A55%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1sopenuutGEr83bAQ%26kw1%3Dkredit%20aufnehmen%20online%26kw2%3Dkredit%20mit%20befristeten%20arbeitsvertrag%26kw3%3Dkredit%20beantragen%26kw4%3Dkredit%20beantragen%20ohne%20bonit%C3%A4tspr%C3%BCfung%26kw5%3Dschweizer%20kredit%20online%20beantragen%26kw6%3Dkredit%20aufnehmen%20trotz%20bestehendem%20kredit%26kw7%3Dsofort%20geld%20aufs%20konto%20ohne%20kredit%0A%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1sopenuutGEr83bAQ&vi=1696611594773&p=medianet-business8-pp&r=16&tvi48=10637&tvi50=9058&lti=deflated&ppb=CIEE&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Jetzt Suchen

URL: https://track.tradith.com/ca/5a996649-d3c4e3b9-ed8a76f6-3ad2-5f04/d720421e-5ba4432a-9bd9030b-ce89-9c0b
Title: Pflege zu Hause | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://software-dealz.de/products/windows-11-pro
Title: Software-Dealz

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=ef0630f8a349b1d616a30bf0d832c0f5&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~6295168578576913474~~OFvFZsjbxXdlGhdkAXLamUycjTw5YaUYsR8HM_zsOVpX0Y1p638VbFQBn088-wXBfhSE-UZYbpwem3Qsp8Hd4nm69q4miujfbphiSg0octC-OVSOMmyd5GHcDV-xwbJmjPG5YfsWEBbwln29eVwYtmEyGt9EbEWngnq8v_iwRw5BCY4PkDxQbovIkyqKMWWMnEW1WPVLaPxS-WzO_1GCbw&pt=text&li=rbox-t2v&sig=66e7a015f33bf2285b01150b41216c8ae93f82c00ffd&redir=https%3A%2F%2Fsoftware-dealz.de%2Fproducts%2Fwindows-11-pro%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDeoGIox-iFjf-9kYy_AQ%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDeoGIox-iFjf-9kYy_AQ&vi=1696611594773&p=taboolaaccount-businesssoftware-dealzde&r=53&tvi48=10637&tvi50=9058&lti=deflated&ppb=CMwB&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Installieren

URL: https://onlinemarketing-ch.space/
Title: Online-Marketing-Kurse | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=ef0630f8a349b1d616a30bf0d832c0f5&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~2005512447852195577~~5FFKxsNHivkjS9-yvuYPhVle9H31A3fsRcT7zQgYxi3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzaXzWc0vY2-B5N-kofkML85FGchNpJx1YG6c-ZMcH1Jqv9Hew9Q7eQLJ3yV9EHwadseznCwi1JEefXuuBJ7hFETS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=26ccd2214a4eab6afed7f50027ca08c49bfd2316aa56&redir=https%3A%2F%2Fonlinemarketing-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DOnline-Marketing-Kurse%2Bim%2BJahr%2B2023%2Bk%25C3%25B6nnten%2Bg%25C3%25BCnstiger%2Bsein%2Bals%2Bje%2Bzuvor%2521%26sub1%3D28202173%26sub2%3Dpalmate-bg3co%26sub3%3D2023-10-06%2B16%253A59%253A55%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1soh5bdi-z_pZ3kAQ%26kw1%3Dsuchmaschinenoptimierung%20agentur%26kw2%3Donline%20marketing%20f%C3%BCr%20kleine%20unternehmen%26kw3%3Donline%20marketing%20agentur%20in%20der%20n%C3%A4he%26kw4%3Dmarketing%20automatisierung%26kw5%3Donline%20marketing%20f%C3%BCr%20unternehmen%26kw6%3Dwerbeagenturen%26kw7%3Donline%20marketing%20online%20marketing%0A%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1soh5bdi-z_pZ3kAQ&vi=1696611594773&p=medianet-business8-pp&r=25&tvi48=10637&tvi50=9058&lti=deflated&ppb=CMwB&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=1f6434d17380bca422cb65c751d84865&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~2735551663084074937~~62LzdwfPQ52Fpc-gw6CUhzYxYsPnomnlRcQdA6YpEWpw6cLzOYgYTH58zK8cIqqSn1OV0paklJAyh655pQ0hZw3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7b2un-gnMm0vPcGYOKfZiJdk2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=9344848e303ebb757ac4e3ac12827c9fcc5de96296ad&redir=https%3A%2F%2Fseniorliving-ch.com%3Fsub1%3D26913272---delimjuwe---3723453593%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDipl8oip7Z09yDh78o%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DNeue%2BSeniorenwohnungen%2Bin%2Bder%2BN%25C3%25A4he%2BPrilly%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCDipl8oip7Z09yDh78o&vi=1696611594773&p=ajaskagmbh-search-sedo-seniorliving-sc&r=43&tvi48=10637&tvi50=9058&lti=deflated&ppb=CLQF&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Jetzt Suchen

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ri=1f6434d17380bca422cb65c751d84865&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&it=text&ii=~~V1~~-8136998546525982530~~o_HmLBErxIIuWGCIfEfyRcIrXnDh-nayQdxNoQOo3bznoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwQiCDh1TQLPajqIVko_yUrmwhyyZ25FMGgYmmhTyDzyx-bJmxir0v0eIKoPiwFtf8I8XwLbI--WZuj80gUuMjcmANYc8yTOOd3sdxsWboO530o8HUYz7pKhuTnvJXvMOdg&pt=text&li=rbox-t2v&sig=f57df71c60a00e117ec5207f8f8f0e03d7d424f4b264&redir=https%3A%2F%2Fpersonalloan-ch.space%2F%3Fnetwork%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DPrivatkredite%253A%2BFinden%2BSie%2Bden%2Brichtigen%2BKredit%2Bf%25C3%25BCr%2BIhre%2BBed%25C3%25BCrfnisse%26sub1%3D28197589%26sub2%3Dpalmate-bg3co%26sub3%3D2023-10-06%2B16%253A59%253A55%26pxtb%5Bid%5D%3D1160933%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1so_qSl6qrIt4p7%26kw1%3Dkredit%20aufnehmen%20online%26kw2%3Dkredit%20mit%20befristeten%20arbeitsvertrag%26kw3%3Dkredit%20beantragen%26kw4%3Dkredit%20beantragen%20ohne%20bonit%C3%A4tspr%C3%BCfung%26kw5%3Dschweizer%20kredit%20online%20beantragen%26kw6%3Dkredit%20aufnehmen%20trotz%20bestehendem%20kredit%26kw7%3Dsofort%20geld%20aufs%20konto%20ohne%20kredit%0A%23tblciGiCy1WVh6YyJn_gViSjgJpL-YJ4GRY9vbReIibP4eo_bZCCx-1so_qSl6qrIt4p7&vi=1696611594773&p=medianet-business8-pp&r=82&tvi48=10637&tvi50=9058&lti=deflated&ppb=CLQF&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASAAKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNjiA-J6RC0Cy0A1IzYgQUPag3QNY____________AWMI0DcQjVMYMGRjCKI1EOJGGDJkYwjXFhDVHxgjZGMI7P__________ARDs__________8BGBRkYwjL__________8BEMv__________wEYNWRjCOr__________wEQ6v__________ARgWZGMIlhQQmxwYGGRjCNIDEOAGGAhkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB4uS5r7Ax&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 139

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=80339d67-ee1f-4bbc-8100-3be55325f37e&p_id=23

Request Chain 140

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f496ca80-ff69-4693-a65c-ce5f66fbc2fa&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f496ca80-ff69-4693-a65c-ce5f66fbc2fa&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=1719748965022170014 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=ae898cf8-9bc3-5217-b76e-8a48d24eb744&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&p_id=15

Request Chain 159

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LNEUQLS6-15-AC5B&gdpr=0

Request Chain 160

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4056016590402551421

Request Chain 161

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=0

Request Chain 163

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXudfC8kTnDS1fcLC3KkRE2vEc3rnUFXw

Request Chain 164

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=2592130196638579605

Request Chain 166

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P0_9b__Zcua6GTwGtbCYUdUOqxK18dzrJ-G1S5kdNko

Request Chain 167

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1ODhEMTYtQzIwOS00NjA0LUJDRDgtQzhBQ0FBMEE1MkJG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1F588D16-C209-4604-BCD8-C8ACAA0A52BF

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1

Request Chain 169

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-7_EkyulE2uEVexT4cU0Xoy1sYbhgbvQhN3Lnq_M-~A

Request Chain 171

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=hSlrAIB4aVOeLTwJgyt0AoUualSeJWxU1SyZ_kl3 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 172

https://ad.mox.tv/delivery/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5

Request Chain 182

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

Request Chain 185

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 186

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a5ade25f-16ab-3780-a743-594383c25293?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-OwoXfAJE2oU_9apPpgG3bxf3ZT02LLg_3bVIlys-~A&redirect=

Request Chain 192

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

Request Chain 198

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&google_hm=YWRjZGMxZTUtYTljNy00NTc1LWE1NzAtMGM2YTlhNTUyYTZj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECMBmaSzYpvaXKdoDy8d53w&google_cver=1&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1&C=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSA9DHkPdEdz-JEcThEN3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEClZN6bcbnkNf-jZms-5Wzc&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEClZN6bcbnkNf-jZms-5Wzc&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=fdb00a3bdbe94126d64ca59cf10d8e3a&uid=fdb00a3bdbe94126d64ca59cf10d8e3a&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1&ang_testid=1

Request Chain 259

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJD7Qupb7f3qiUJMoUrYdiY&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1NjAxNjU5MDQwMjU1MTQyMQ%3D%3D

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1

Request Chain 279

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg1MTE2MDgtY2UxOC0yNGU1LWYwYzctNzllY2I1MGI0YjNi

Request Chain 292

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIn8Q6lQkpPHU5OanAel6MA&google_cver=1&google_push=AXcoOmQ11EotnFbDt5qL490yFvrNq-BIrKUwTU7klmWBwz-hSFsAjC-DMdZxfqQtnzy_yBIoNLCKOejglsBWzIJdVW6x-MacckdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIn8Q6lQkpPHU5OanAel6MA&google_push=AXcoOmQ11EotnFbDt5qL490yFvrNq-BIrKUwTU7klmWBwz-hSFsAjC-DMdZxfqQtnzy_yBIoNLCKOejglsBWzIJdVW6x-MacckdA

Request Chain 293

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBJsWJtP3YktAxRPSuzVNf0&google_cver=1&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOrXxjmX1_cbOGtKNw6ai5_bg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOrXxjmX1_cbOGtKNw6ai5_bg

Request Chain 294

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGzW7YwayCyllIcIAL7X2hs&google_cver=1&google_push=AXcoOmRAnRMF46NGnWATwlwA451LGNKxqZrbHirQACV0pBppwnhoiOFW4QHW0JZZpnhhh84ffucvuDUvke6tY2BNDOtgtFzB8VaI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1iNFsIJRgS82MisqgpSvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRAnRMF46NGnWATwlwA451LGNKxqZrbHirQACV0pBppwnhoiOFW4QHW0JZZpnhhh84ffucvuDUvke6tY2BNDOtgtFzB8VaI

Request Chain 295

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_cver=1&google_push=AXcoOmQhGTV3IjeobXYHTfrtX5qJA0fab8wJLRq0lzFqG_cKStJWCIqNpgMN3lkWFPAYdRUrPUmVsSUzAlXXRIE-oLcn8OiJdDIn HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_hm=ZSA9DHkPdEdz_JEcThEN3wAADQgAAAIB&google_nid=index&google_push=AXcoOmQhGTV3IjeobXYHTfrtX5qJA0fab8wJLRq0lzFqG_cKStJWCIqNpgMN3lkWFPAYdRUrPUmVsSUzAlXXRIE-oLcn8OiJdDIn

Request Chain 296

https://cs.media.net/cksync?type=g&google_gid=CAESEChRY4O-5XPVwGexARI3kxY&google_cver=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW0GRqzRfmFfb8yg2ESovQQNRAB0qXtioXAHrRigT3Hne4SAdykEeHG-UHcpXVtXiRfd20 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&mn_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW0GRqzRfmFfb8yg2ESovQQNRAB0qXtioXAHrRigT3Hne4SAdykEeHG-UHcpXVtXiRfd20&gdpr=&gdpr_consent=

Request Chain 297

https://an.yandex.ru/mapuid/google/CAESEEwiJvbFoSMYBlQfavceb34?ext-param=AXcoOmST2rzEUIVbTrEStdSjueYL7F6NtjvR7BLVXXJggjypFSvHyWT98xM9YSXyPJX6r3iM4XhM5liihiryVSpZJi9bt-ZgzNNjdg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEEwiJvbFoSMYBlQfavceb34?redir-setuniq=1&ext-param=AXcoOmST2rzEUIVbTrEStdSjueYL7F6NtjvR7BLVXXJggjypFSvHyWT98xM9YSXyPJX6r3iM4XhM5liihiryVSpZJi9bt-ZgzNNjdg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEwiJvbFoSMYBlQfavceb34&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 298

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAOstHLrM1V3K5ciD8fWNlc&google_cver=1&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjmuWE-8p2kzQRmAVk0pdwxVJbTzaUGSIJZyVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjmuWE-8p2kzQRmAVk0pdwxVJbTzaUGSIJZyVA

Request Chain 300

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNEUQLS6-15-AC5B HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEUQLS6-15-AC5B

Request Chain 314

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JToRwrpURv6WsIo3ckczIQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JToRwrpURv6WsIo3ckczIQ

Request Chain 316

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S_vW0f9-So-Oeg8M0hlvaw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S_vW0f9-So-Oeg8M0hlvaw

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB3ghNRV1CArcmxVM939JEM&google_cver=1

Request Chain 318

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/bOVHFx2iyBQGhefKWUTV8sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iCwg6NxE2oJXc3iyDKBSBE3J2SiXvPVK8td8Gg--~A

Request Chain 319

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEUQLS6-15-AC5B

Request Chain 320

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5FVVFMUzYtMTUtQUM1Qg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEx0kZpUqtGzNEEzgjPl05Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=

Request Chain 321

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMzBlMWZhZWZlYTIzNjVmYjA4YzBhYTg2MjYxZmQ1ZjgwNzcxNQ

Request Chain 322

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFG_k7KQHoAABmNl4DkDA&expires=30

Request Chain 323

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNEUQLS6-15-AC5B&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNEUQLS6-15-AC5B&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS13N3FpZDJkRTJ1RnZuVkYuZE83U3I3Q2hqMFpkcmU5an5B&ovsid=LNEUQLS6-15-AC5B&dpid=58160

Request Chain 324

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEUQLS6-15-AC5B

Request Chain 325

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEUQLS6-15-AC5B

Request Chain 326

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=84334ad2-fc0d-4826-975a-19692febbebc&expires=30

Request Chain 327

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B

Request Chain 328

https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1164 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4907826162908467992

Request Chain 329

https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=aeM3cm3AX4psxUCrzt0hfbInvPM

Request Chain 343

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1696611597582 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2

Request Chain 345

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1696611597582 HTTP 302
https://sync.teads.tv/um?fp=1&eid=80&uid=87716deb-3fc4-44d7-90e2-eef0042f9d74&gdpr=0

Request Chain 346

https://pr-bh.ybp.yahoo.com/sync/teads/89a72814-99f5-4af6-bc4b-7cbe6baabad6?gdpr=0&_t=1696611597582 HTTP 302
https://sync.teads.tv/um?eid=132&uid=y-HvLrBdNE2oRhOJb.QpXQMy2E31W8anXbPUk-~A

Request Chain 349

https://idsync.rlcdn.com/474599.gif?partner_uid=89a72814-99f5-4af6-bc4b-7cbe6baabad6_ch&_t=1696611597582 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzg5YTcyODE0LTk5ZjUtNGFmNi1iYzRiLTdjYmU2YmFhYmFkNl9jaBAAGg0IjfqAqQYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEkRgKx01hWEWM8rw_wxyQg&google_cver=1

Request Chain 352

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1696611597582 HTTP 302
https://sync.springserve.com/usersync?aid=1000024&uuid=89a72814-99f5-4af6-bc4b-7cbe6baabad6

Request Chain 353

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1696611597582 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2 HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

Request Chain 396

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_cver=1&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY95XF7v4cc2fDRKI67tCaeIJJJgZlSgyAHG_lUOdDD0Hw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d916386bad115a7&is_secure=true&networkId=14000&version=1&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_cver=1&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY95XF7v4cc2fDRKI67tCaeIJJJgZlSgyAHG_lUOdDD0Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928fiaFK8QMbow3HAAAAAAA&expiration=1696697998&google_cver=1&is_secure=true&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY95XF7v4cc2fDRKI67tCaeIJJJgZlSgyAHG_lUOdDD0Hw

Request Chain 397

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA52j-ojQ18VWDPnhWqfbLA&google_cver=1&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3lR3i8VWFrCD6U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aeM3cm3AX4psxUCrzt0hfbInvPM&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3lR3i8VWFrCD6U

Request Chain 398

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfEaadNwBEiORCVn8zwk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXufisvIQ4LwL25dK9LhCpNax398Wlhzw&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfEaadNwBEiORCVn8zwk

Request Chain 400

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED0Z5RTyoiogK8u3qIoIbiQ&google_cver=1&google_push=AXcoOmTUEJpBkXIQFZjY9w6mG_PAH6SrNAlPJMDVSUnI7XbvUWllcgRli_0UAZl4KT0dnXjB73oIA1rDTDOBE5E_4tUbysXDQzM HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTUEJpBkXIQFZjY9w6mG_PAH6SrNAlPJMDVSUnI7XbvUWllcgRli_0UAZl4KT0dnXjB73oIA1rDTDOBE5E_4tUbysXDQzM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696611598039 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f2db2578-89f9-4626-8187-259830df3b4a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTUEJpBkXIQFZjY9w6mG_PAH6SrNAlPJMDVSUnI7XbvUWllcgRli_0UAZl4KT0dnXjB73oIA1rDTDOBE5E_4tUbysXDQzM%26google_hm%3DA_LbJXiJ-UYmgYclmDDfO0o

Request Chain 402

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDZqflaDn9I1EscWPKYVsGs&google_cver=1&google_push=AXcoOmSjWE1jF5_Kuo14Lex6Y49wqniczsoIs6ZIaRM1x9PsgCtztwZqnlcLRLWNhDnkVdNgvpNhZGyPX1lsPsvy5orIymwkhW-f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2&google_push=AXcoOmSjWE1jF5_Kuo14Lex6Y49wqniczsoIs6ZIaRM1x9PsgCtztwZqnlcLRLWNhDnkVdNgvpNhZGyPX1lsPsvy5orIymwkhW-f HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 431

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJg2JCjYulzeJNAK92ImEf0&google_cver=1&google_push=AXcoOmSfN1N2dWIxnKFyJ7VJkiKtVdzaIrL_BKRnenyD-SvvVc-OJ0Dz49ZeZOZ1uKTYHJYgIR0fVT6peei-bPvcjPffw4YDPg HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c

Request Chain 432

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_UKnxb2xyoef6lfSBeukY&google_cver=1&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzXPFscI6ssABSaU8EEqJoQI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MjE4MTIyMDM3Njg1MzYwOA&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzXPFscI6ssABSaU8EEqJoQI

Request Chain 433

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJgVTrBEIOom6DQXK8Sr9rw&google_cver=1&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJgVTrBEIOom6DQXK8Sr9rw&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE&google_hm=Z0trbkE5OHRsWUNFOHNNRGhSUkM=

Request Chain 434

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEx0kZpUqtGzNEEzgjPl05Q&google_cver=1&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2MhEEtcFr-ImEcbNgU3HghElM9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2MhEEtcFr-ImEcbNgU3HghElM9M

Request Chain 437

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDlBCDit18N5afZnFrlKZfU&google_cver=1&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_oYnkj4VEAwEsW08MG1jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_oYnkj4VEAwEsW08MG1jg&google_hm=MjU5MjEzMDE5NjYzODU3OTYwNQ%3D%3D

Request Chain 468

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=eaeVLnz2l31io8Inf6WKLHmglHpiq5J6KaLR127F

Request Chain 469

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7262181220376853608

Request Chain 473

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1

Request Chain 476

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4056016590402551421

Request Chain 477

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

Request Chain 479

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXugwWE_jonuYSCe1-l_0TLIJag2t49YA

Request Chain 506

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7603310762

Request Chain 511

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXuhP4GKOlOmIKjjJo3b_Fj1NokhrdKuA

Request Chain 513

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

Request Chain 518

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ae898cf8-9bc3-5217-b76e-8a48d24eb744

Request Chain 521

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
https://x.bidswitch.net/sync?ssp=criteo&custom_data=lVM9L19zUXdDTlY4UmZRbEtvbE52dTZ1Q0JKNFZjSjBIdGxrc0olMkZpYlFnN2RRa0o0ZWpKVEJlSDlTZGt5SFRPSkNNeTBOSEI5bnNidDR5Y1hHRVdJJTJGYXZLQ0pZJTJCR05pNDVZVnlydjZDQ05ab1d6MVI5ZklRaGtxNFFCQlEzajc5MyUyRktkUHZjSkZaRERGcnl6Q3piNndUb3lvaHJOJTJCTDBVa0hBcTV2aExoJTJGeG1Eb3BiWUVvN25nTkhqNWFscXcxQkRucCUyQg&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-qugMQqQA_VxLEyilzI6-F6Qte_JKZlOwDmWyGQ HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-qugMQqQA_VxLEyilzI6-F6Qte_JKZlOwDmWyGQ&gdpr=&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=lVM9L19zUXdDTlY4UmZRbEtvbE52dTZ1Q0JKNFZjSjBIdGxrc0olMkZpYlFnN2RRa0o0ZWpKVEJlSDlTZGt5SFRPSkNNeTBOSEI5bnNidDR5Y1hHRVdJJTJGYXZLQ0pZJTJCR05pNDVZVnlydjZDQ05ab1d6MVI5ZklRaGtxNFFCQlEzajc5MyUyRktkUHZjSkZaRERGcnl6Q3piNndUb3lvaHJOJTJCTDBVa0hBcTV2aExoJTJGeG1Eb3BiWUVvN25nTkhqNWFscXcxQkRucCUyQg&u=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-m6qT4aQA_VxLEyilzI6-F6Qte_JsI3PgzSjQdw

Request Chain 523

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb7c434859cedca0f588cb574edfe7?gdpr_consent=&gdpr=0

549 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html Show response
www.bg3.co/a/ 57 KB
16 KB 2499ms
1575ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e88f5ad68c5dcba54588bcbfc60c64f8dd8859101110142ac88a3de6d60e3e64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 16:59:53 GMT
etag: "e329-3qTazKVim/4vbjYifgJcHDfHRl4"
expires: Fri, 06 Oct 2023 17:00:53 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 468ms
65ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 16:59:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73066
x-xss-protection: 0
server: sffe
etag: "1743d73101b212e4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 16:59:54 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 475ms
72ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4c827a216d3b126750b0202c5793003f24d6002f21ff2300200c6019829929e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 16:59:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9658
x-xss-protection: 0
server: sffe
etag: "642b972f2c805cc6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Oct 2023 16:59:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 532ms
131ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce6b47721eb0154aa2e73d424e783ee33d1ad8259fd9dcff68bc88bb4895b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29594
x-xss-protection: 0
server: cafe
etag: 60 / 19636 / m202310030101 / config-hash: 7682450070620400040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 465ms
61ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e2937ecc1fd62d66cfbabd2ed20241f37d2a3b5ba6efa54991f267751c48d566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 16:59:54 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 284ms
97ms Script
application/javascript 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:26:35 GMT
server: cloudflare
age: 7664
etag: W/"651e8f5b-a1c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 811f75205cd1d35b-CDG
expires: Sat, 07 Oct 2023 02:52:10 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 311ms
54ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D0) /
Resource Hash: e81762698c7bbd69398b2d96f233c32b78b71bdda62829c985ba9b4324c586ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
age: 22331
x-cache: HIT
x-client-device: desktop
content-length: 10023
x-ap-device: DESKTOP
last-modified: Fri, 06 Oct 2023 07:00:13 GMT
server: ECAcc (ama/48D0)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:59:54 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 681 KB
142 KB 314ms
57ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F2) /
Resource Hash: 779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
age: 544849
x-cache: HIT
x-client-device: desktop
content-length: 145467
x-ap-device: DESKTOP
last-modified: Thu, 28 Sep 2023 16:35:35 GMT
server: ECAcc (ama/48F2)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:59:54 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 563 KB
54 KB 352ms
152ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3da1d0f5ab67b7c78dc07fd90c7151d40102cb0656f64cc76ae2f99c53cf94f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AA52bHUCZ9XhXbNUo6jVpBoYKfytDUcV
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:54 GMT
x-amz-request-id: DYKFA9BWS71R7ZBE
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 55244
x-amz-id-2: 2msDMfcSlOzHpmsfFHCCDgtKl84wUefpIDgatBG1H5ilfFDgfKwUWMjT2lJniwqyEdpbtn1fnhs=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 12:21:35 GMT
server: AmazonS3
x-timer: S1696611594.310659,VS0,VE96
etag: "014ee4690d48fd248b59023b0dddfbcf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

505ms
86ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10414
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FeP17u%2F6mZInZUum0MRRIYEwPcvlIDT2LX0EV8sWHYw4%2BmbJkWFL8AbdJ7Y3psoUWzEor6AApz3lBmLSej60EO3msttpgFTfjEzmwgIv6JxMn1AM1ip%2BIND91EDTba3FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 811f75263a3e2a16-CDG

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
566 B 207ms
198ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=B8FEEF3644774F09BF1870FA8EB84CA8&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&t=%E7%B6%B2%E5%8F%8B%E8%A6%81%E6%BD%98%E6%81%86%E6%97%AD%E4%B8%8B%E8%87%BA...%E5%A5%B3%E3%80%8C%E6%BD%98%E7%B2%89%E3%80%8D%E6%B0%A3%E7%82%B8%E5%97%86%E7%A5%9E%E7%B6%93%E7%97%85%EF%BC%81%E5%85%AC%E7%84%B6%E4%BE%AE%E8%BE%B1%E8%A2%AB%E8%B5%B7%E8%A8%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2798&sc_rum_e_e=2802&sc_rum_f_s=0&sc_rum_f_e=2796&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 811f75211d7bd35b-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 487ms
56ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1809391
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-ams21078-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696611595.856981,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3794, 14789

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 402ms
56ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1373494
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-ams21078-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696611595.856992,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 32446, 697056

GET
H2 200 impl.20231005-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 811 KB
168 KB 65ms
64ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UDckBi_dYgkvA6KfwnPPY8Hiski8Fxy8
content-encoding: br
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:54 GMT
x-amz-request-id: 7EEXDTRD24JC7CH7
age: 28618
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 171845
x-amz-id-2: WNmOZfwRA4uNmglzINJmhV4JBBPuMiPGpZUqDqY+rNmN1iGozgHwvp/kd8voZdQuR1ZNJ+11Xt8=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 08:55:01 GMT
server: AmazonS3-br
x-timer: S1696611595.566169,VS0,VE0
etag: "dff646170ee7a85f3bc08642c9709075"
vary: Accept-Encoding
content-type: application/javascript
abp: 11
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19272

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 473ms
60ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3a40&_p=1151098569&cid=525398678.1696611595&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696611594&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=%E7%B6%B2%E5%8F%8B%E8%A6%81%E6%BD%98%E6%81%86%E6%97%AD%E4%B8%8B%E8%87%BA...%E5%A5%B3%E3%80%8C%E6%BD%98%E7%B2%89%E3%80%8D%E6%B0%A3%E7%82%B8%E5%97%86%E7%A5%9E%E7%B6%93%E7%97%85%EF%BC%81%E5%85%AC%E7%84%B6%E4%BE%AE%E8%BE%B1%E8%A2%AB%E8%B5%B7%E8%A8%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 0b4dc0c4f76545ad0231e0484f1da3a2.jpg
static.bg3.co/imgs/202106/ 0
0

GET 625ee5ab4f8bdf95ae340b67f6e3eb45.jpg
static.bg3.co/imgs/202105/ 0
0

GET 9554f52fe75c8f99fd9018782137ab50.jpg
static.bg3.co/imgs/202105/ 0
0

GET 42042c1c20af9a1fe44f1982364a911b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 69ccf5423ff29bd6396457db14d9aca6.jpg
static.bg3.co/imgs/202106/ 0
0

GET 35032c7edd4581a540d30eeae422ba37.jpg
static.bg3.co/imgs/202309/ 0
0

GET 83a92fa6030eedf8fffa4e1b6725d339.jpg
static.bg3.co/imgs/202106/ 0
0

GET 10638a0c87129759ffc72e6f8f7059f7.jpg
static.bg3.co/imgs/202106/ 0
0

GET e548ac5d16099943638b8327b3e33626.jpg
static.bg3.co/imgs/202106/ 0
0

GET d5e173d53312c7acf7c5b274a983fbbe.jpg
static.bg3.co/imgs/202105/ 0
0

GET 6c58b072bc1833894f4cd268b985fea0.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6dd5d07cd4b92aecb4579745703c6904.jpg
static.bg3.co/imgs/202105/ 0
0

GET 04086a970d5c2585b8c5ec3cc3f3dfec.jpg
static.bg3.co/imgs/202309/ 0
0

GET 301e22ca518a8532ddc28319b54a636e.jpg
static.bg3.co/imgs/202112/ 0
0

GET ac3a2a47b17379f4e819835622d7f188.jpg
static.bg3.co/imgs/202105/ 0
0

GET 59437677442de99515383a75a28af781.jpg
static.bg3.co/imgs/202105/ 0
0

GET fb22048d6ca62c62a7d12c389dad7f4f.jpg
static.bg3.co/imgs/202105/ 0
0

GET c2b4a6035a997adaaa9e4bfcfdabcdc6.jpg
static.bg3.co/imgs/202106/ 0
0

GET a763bec313d26d02671f208fb938f783.jpg
static.bg3.co/imgs/202105/ 0
0

GET b8537a2cdbbd19405dd7da5a6e4948fa.jpg
static.bg3.co/imgs/202106/ 0
0

GET f7b83c19031b9b840b95c03b40ac2ecc.jpg
static.bg3.co/imgs/202106/ 0
0

GET 75c360c3e65b996dc7809b3680f422e3.jpg
static.bg3.co/imgs/202106/ 0
0

GET 84479d58ddc4c4188d66156a4ba0b29f.jpg
static.bg3.co/imgs/202309/ 0
0

GET d3f2d0b1769534146232da88033f15b9.jpg
static.bg3.co/imgs/202106/ 0
0

GET e0f87ac28b53223eda7639bef5e6841a.jpg
static.bg3.co/imgs/202106/ 0
0

GET 576d0d724f62b08eece8153fa798331f.jpg
static.bg3.co/imgs/202106/ 0
0

GET cef8cfdbdb49c1e6aba4b731ce927db4.jpg
static.bg3.co/imgs/202106/ 0
0

GET 0b4dc0c4f76545ad0231e0484f1da3a2.jpg
static.bg3.co/imgs/202106/ 0
0

GET b5592825c3b7d9666ea9c5f13e3e0a64.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309181453000/v0/ 8 KB
4 KB 485ms
63ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 20:49:10 GMT
age: 245445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "38f77e2398a961a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 20:49:10 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309181453000/v0/ 12 KB
4 KB 482ms
64ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 18:36:01 GMT
age: 80634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3930
x-xss-protection: 0
server: sffe
etag: "2c64beef00f20bbc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 18:36:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 43ms
42ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 10:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22006
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 10:53:08 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 455ms
49ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 227657
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 75 KB
18 KB 506ms
496ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=18%3A59%3A54.776&lti=deflated&data=%7B%22id%22%3A250%2C%22ii%22%3A%22%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696508486488%2C%22vi%22%3A1696611594773%2C%22cv%22%3A%2220231005-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html%22%2C%22vpi%22%3A%22%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3596%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2317.015625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e45bee95386410eb98c2f548f3963c23d82da9dc7dfb3c10e92a430c57327ccf

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 417
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.944375
x-fastly-to-nlb-rtt: 67088
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21034-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1696611595.812864,VS0,VE417
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 87ms
86ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2775816213619405&correlator=1752218687901952&eid=31077232%2C31078601&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696611594871&lmt=1696604394&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=525398678.1696611595&ga_sid=1696611595&ga_hid=1151098569&ga_fc=true&dlt=1696611594063&idt=779&adks=2226185566&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fc9934ea9f033f6069ef8bb5a0a1b8a5c670bdd66f91285f89f22db3bd9c3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12538
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AF7 6 KB
3 KB 542ms
57ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:55 GMT
expires: Sat, 05 Oct 2024 16:59:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 59ms
58ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CC) /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
age: 1906131
x-cache: HIT
x-client-device: desktop
content-length: 122286
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: ECAcc (ama/48CC)
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:59:54 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
310 B 73ms
73ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 06 Oct 2023 16:59:54 GMT
content-encoding: br
age: 4874416
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (ama/48CB)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:59:54 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 85ms
84ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AA) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: br
age: 1906132
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (ama/48AA)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:59:55 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
318 B 260ms
60ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY2MTE1OTQ5NTUsInBhY2tldElkIjoiMDAwMEE3MDEtNGI2Yjk5NTYtYzkwNC00ZGMyLTlmN2YtNTgzN2IwMjlkOWM5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXlhby1wYW4taGVuZy14dS14aWEtdGFpLW51LXBhbi1mZW4tcWktemhhLXFpYW5nLXNoZW4tamluZy1iaW5nLWdvbmctcmFuLXd1LXJ1LWJlaS1xaS1zdS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=3394.2999992370605
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
364 B 261ms
60ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A06C 0
0 88ms
88ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBnpZS8q7HY-ED8cj0URm4hgaFS3zA5hpEIEX69HNXey44M8m3WTy4u0M-Nhxct6NvR6XmrY5Tw4H-8mfJlhq-FiWm-51XxleoWE7vKh6DULu4zqrb3vEnXkpUVO-bxnVnIfvSy7k_wupHUK5OyrN3jiw-v_VNsUm_WC6qQ4gdu2ADQNlGyqby5UQymDOB5tDnJconr_CYQ_V2MmQOeidBN5G607Ap6z4_FPKr2DLdHkL3UICSbWII56qRRnNPJBmEjw3LU-Sz6roconLIkyHTCQ7qlqH1fCnAktkblhO_uH7isq-Ji1XZd010KP1x2-hBoQ&sai=AMfl-YSlYbSSoAO6MAjCXgu14wsYVPfkGX6JdP5zu3ZmY13o0GMz13jv7whPMzVG_BLXwBKiiEIvrSSNTQNv_9cSztpqIW-JxLCno8yYBNaV9vCaJPDzY-oCnWqFLtlHJCLYzeypyEsJnaUot9xGi58&sig=Cg0ArKJSzKPvjvEHCmoYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 225ms
90ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 13:45:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebdf6-66b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A06C 187 KB
59 KB 455ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 151ms
62ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MTE1OTUwNzIsInBhY2tldElkIjoiMDAwMEE3MDEtNGI2Yjk5NTYtYzkwNC00ZGMyLTlmN2YtNTgzN2IwMjlkOWM5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXlhby1wYW4taGVuZy14dS14aWEtdGFpLW51LXBhbi1mZW4tcWktemhhLXFpYW5nLXNoZW4tamluZy1iaW5nLWdvbmctcmFuLXd1LXJ1LWJlaS1xaS1zdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3511.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 147ms
62ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MTE1OTUwNzYsInBhY2tldElkIjoiMDAwMEE3MDEtNGI2Yjk5NTYtYzkwNC00ZGMyLTlmN2YtNTgzN2IwMjlkOWM5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXlhby1wYW4taGVuZy14dS14aWEtdGFpLW51LXBhbi1mZW4tcWktemhhLXFpYW5nLXNoZW4tamluZy1iaW5nLWdvbmctcmFuLXd1LXJ1LWJlaS1xaS1zdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3515.8999977111816
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 141ms
61ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MTE1OTUwNzksInBhY2tldElkIjoiMDAwMEE3MDEtNGI2Yjk5NTYtYzkwNC00ZGMyLTlmN2YtNTgzN2IwMjlkOWM5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXlhby1wYW4taGVuZy14dS14aWEtdGFpLW51LXBhbi1mZW4tcWktemhhLXFpYW5nLXNoZW4tamluZy1iaW5nLWdvbmctcmFuLXd1LXJ1LWJlaS1xaS1zdS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3518.3999977111816
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 425ms
425ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2775816213619405&correlator=1742933709054146&eid=31077232%2C31078601&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&arp=1&abxe=1&dt=1696611595085&lmt=1696604395&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=525398678.1696611595&ga_sid=1696611595&ga_hid=1151098569&ga_fc=true&dlt=1696611594063&idt=779&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_0_pv%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b48f37206cdaf469a7fc9133c16272547258310ba582988844af4b36db4b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17614
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 37 KB
13 KB 61ms
61ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-54-73-199-225.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

ed2dc6197db320dbb5f71701e2c6726f550c664ac2af93a45be77fd5aa6bbf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 10:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21763
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13133
x-xss-protection: 0
server: cafe
etag: 7292547787051703637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 10:57:12 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
735 B 61ms
60ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1696611595093
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F4) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 05 Oct 2024 16:59:55 GMT
date: Fri, 06 Oct 2023 16:59:55 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (ama/48F4)
age: 4341271
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 128ms
61ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY2MTE1OTUwNzIsInBhY2tldElkIjoiMDAwMEE3MDEtNGI2Yjk5NTYtYzkwNC00ZGMyLTlmN2YtNTgzN2IwMjlkOWM5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteW91LXlhby1wYW4taGVuZy14dS14aWEtdGFpLW51LXBhbi1mZW4tcWktemhhLXFpYW5nLXNoZW4tamluZy1iaW5nLWdvbmctcmFuLXd1LXJ1LWJlaS1xaS1zdS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3533.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 499ms
75ms Script
application/javascript 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Oct 2023 16:59:55 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 514ms
85ms XHR
application/json 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231006

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

267c52339b51b10f1694420961e8d3d1bd17f75dd055add53629c26f28e1393d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3542
x-jsd-version: 1.0.1835
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4540-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"640-6wjSDAwpbK7sfm+4iViHcAJd9Lk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfFih1mZWwIBT6ACT0Kmfo3gojR0%2BGJvh55IPK6jMSznsIaovmvN0o5LdqdeQN3wrv28iTCnJkpFds%2By0heFvDCHq3JaH1aNDxktDCfBoFF1XidOSeL2P5%2BK5NkzwhRAWOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811f7528890c3cbf-CDG

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 301ms
174ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 1adc83e111bed71397f29ea4d64d5c713f4b410fad8ddf712f5ffd86bed345e6

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 16:59:55 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
517 B 310ms
87ms XHR
application/json 54.73.199.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.199.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 20
content-length: 3
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 34 KB
20 KB 713ms
411ms XHR
application/json 3.123.45.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.45.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8ef195e4a5a41355d367432537ac17abc70b2be1bba88660abefed792af8738d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 06 Oct 2023 16:59:55 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20135

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 26 KB
11 KB 392ms
210ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff77556acf508880dd67dfec4c9124628eb39668621bdeed9a9c8a32f6a5832

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1kYYroLoOj9WN3qkCK%2B4B0DDdMnjUWJYeDgwrfpqrxscOzK89yzwO0gWYcvy7wUDYAhWjJN7TJd6RjhKdkYQZqK7dJvUGCiOk3F%2FtnhwTd3eZEEOAmHTdjYY1aAfAsc6xNjQ77C"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 811f75271aed22b6-CDG
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 388ms
206ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6725cec3d589015d9dafd94887907fe6e3fff2c86e5d065cf56b13043d0102de

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTZNwmM%2B60MBzN8DKkXHxN219O5EpKTn0VdyB8ihRBpbau4kjw4wQtp%2Fz7gWhUVALY1ZA577JwtnKXqhjJPAjryD2W8qpig3Z%2FA95%2FV6FdyeBueUjvJlwjZLT3TzdxApPKntFq3k"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 811f75271af122b6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
543 B 310ms
128ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6725cec3d589015d9dafd94887907fe6e3fff2c86e5d065cf56b13043d0102de

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQnkG2nqQbaHboStWlLoi4uLnabov2aUuhAX7sycvUmGML%2FRGvUTvUSQcaUSn3nZ%2FXIjKpdtaRamj%2FdNgTo7WfrISc4tM%2BDD0VdNqb8EeV2rSEQEt9Wb5yEhUuRywgiKb7xi5Ijq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 811f75271af322b6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
700 B 211ms
68ms XHR
application/json 35.156.100.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.156.100.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-100-108.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
779 B 281ms
80ms XHR
application/json 34.251.33.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3645
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.33.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-33-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
274 B 257ms
78ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 256 B
1 KB 414ms
237ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cb06496fb55d8a3d446e382386714e57ee5653a509b2b08f4cbabe4112e59c2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
an-x-request-uuid: c3aa28ea-9e19-4741-bbd2-eaf57e544a21
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 256
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
466 B 309ms
64ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 2719bf4fa00557117ea7953cda41cdd2604ec50130eec95a99cda17d8fcc1b41

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.0.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 29 KB
12 KB 648ms
209ms XHR
application/json 213.19.162.43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=b6f3ece3-98a5-4784-be9c-3fec885fa7b1%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%B6%B2%E5%8F%8B%E8%A6%81%E6%BD%98%E6%81%86%E6%97%AD%E4%B8%8B%E8%87%BA...%E5%A5%B3%E3%80%8C%E6%BD%98%E7%B2%89%E3%80%8D%E6%B0%A3%E7%82%B8%E5%97%86%E7%A5%9E%E7%B6%93%E7%97%85%EF%BC%81%E5%85%AC%E7%84%B6%E4%BE%AE%E8%BE%B1%E8%A2%AB%E8%B5%B7%E8%A8%B4&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=d7d2362a-224c-478c-afc6-012a4a3c567f%3Bb6881c48-4aca-455e-9b54-17a3e0bd3b46&l_pb_bid_id=47eed0a7ec7baf9%3B4831b10c82017d7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d7d2362a-224c-478c-afc6-012a4a3c567f%3Bb6881c48-4aca-455e-9b54-17a3e0bd3b46&rp_maxbids=1&slots=2&rand=0.6714254199490484
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.43 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6e7eb1bb2b971305bd4e49e4b47a15db9dd592561cbb12b56b4da2e05f7930bb

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 2 KB
939 B 413ms
224ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eaea55cf4fe659cbd3f7a60f73a5aef7e5cefdcc97c07ab5159536342d5ed8c9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 487
expires: Fri, 06 Oct 2023 16:59:55 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 647ms
225ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=50450426251&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 245ms
90ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 811f7526f9cc99c2-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 244ms
89ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 811f7526f9ce99c2-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 201ms
51ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
144 B 337ms
192ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0d3d8d27855a6b7021e072c04f7f67b600582e00b9888463309d3a1d0744a615

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 203ms
59ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 202ms
58ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

GET
H2 200 floating-unit.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 69ms
68ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4ca408171c572363cd1e6a48565cac33fd0a55943ca9dc1df0ae8611461409

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OUh1dEfyajWSTA0vbdxZhGN05CTxpMuj
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: 7B13BT88JSAWDNJT
age: 95093
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: 6ZMrPm0gQ2BK6kXiuu/JTEmyanP8FiGVnPg1XMItVN4Z92dcoYuTwIM1FeyiBWjOJpm0TPY/CBc=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:35:03 GMT
server: AmazonS3
x-timer: S1696611595.328641,VS0,VE0
etag: "2454c2bd4f06a6cb801de9c78d323db8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3526

GET
H2 200 taboola-vignette-new-scanning.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 94ms
94ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35eb7d73ef60cec50c43353385abf319317ba00e9d78a7d4cd0b49190754c932

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gw_zt6Ft5_CyduULqfXdxXMMyJ075LvW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: 93ETT5CEREPC8K8M
age: 95036
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: xal+rZb995w8YBj+lDEThIaPg/wxFm6qjJI37Yjcred09h3SDTj+4ZXfj6/M398caweee/jvJNI=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:35:59 GMT
server: AmazonS3
x-timer: S1696611595.358541,VS0,VE0
etag: "60caa041f29eec7de6659127ddc8151e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1930

GET
H2 200 distance-from-article.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 77ms
77ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0eHZAkXRalpmt8X0UB0UI4pFWBbpfHCn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: HRFMZEB65109VD60
age: 95129
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1131
x-amz-id-2: tA9e9ZSrJbePF32w9CQWCeGTB4Nu5w2snHZ1Zds7BdZl9kYNDcPhejQw/+cvM1fuutqyyQLvMAo=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:34:26 GMT
server: AmazonS3
x-timer: S1696611595.358497,VS0,VE0
etag: "7b19a6b6aab01474d6430893f66cf7d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 39813

GET
H2 200 article-detection.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 76ms
75ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cV9mHHhZtc5TvN6Df8K2LcdEVn4lrYsn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: Y6RYX8F5QPNGQEQK
age: 95159
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: JGe7k8eM2ZnUX5itRhbcemGiSgkhLg15FprHtTQW5qJdjEQh/lXgwvxANAbk2gtUJe9LNhBgonM=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:33:56 GMT
server: AmazonS3
x-timer: S1696611595.358465,VS0,VE0
etag: "4f9543a2a53bc9619f111dff09bce430"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 39913

GET
H2 200 article-and-feed-area-scanner.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 76ms
76ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0764cbc4ae21601aaf7702bf0439228522077d0f51bc0c13fa8eb782bccb030a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7JoAF421VkEJfujMm9cBU3CVdAYPuctP
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: 65NTF037BKR6NYA9
age: 95169
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1147
x-amz-id-2: HRHFmSlG9Wg8ySYYzCAXCEuuqAhVBtE+4rPAV9CA+U6AOhGq9Nh5XT1pLrzKPmPXiOOvCl/DKyg=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:33:47 GMT
server: AmazonS3
x-timer: S1696611595.358439,VS0,VE0
etag: "084dc38bc58b26420d5e3a899c858975"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12443

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.4.1/ 125 KB
34 KB 214ms
66ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06dbd194f8dd1ea2dada8e73f5c7ad05157e3821ca00ce6a4cd65845014763c3

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 054609fe51831eb8825d39133f1a4c84.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-P3
age: 120781
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34291
x-served-by: cache-ams21024-AMS
last-modified: Thu, 05 Oct 2023 07:24:55 GMT
server: AmazonS3
x-timer: S1696611596.503849,VS0,VE0
etag: "06281ced7888ead68c46169c4976ecd6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 4n8yLGSwNjupukqzj-DOmzrBuJ2Y4yHKhC3uJCf3Ehq2ob1WqNTvKg==
x-cache-hits: 3820

GET
H2 200 feed-card-placeholder.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 73ms
73ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x3LUvMOi.ErsvLi0WZLoUEWSc6EFDRqn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: 6549XEVTX6E8NB0B
age: 95109
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: MQW2GzcJGdovA1/+jNntJIDbkQjEtKH5ZaaS++okE38t2b7sorsorEj8xYRUZ13aB5iGJj2FrQ0=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:34:46 GMT
server: AmazonS3
x-timer: S1696611595.358400,VS0,VE0
etag: "85cba1ea192707579f92c3cb4e1e588d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 32890

GET
H2 200 userx.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 88ms
88ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YWbsZDzlKwxeakVdEW4iecKrSPOQLf8z
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: Y1W9Y84JP6YXAVMR
age: 95026
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: MV8YUvHxqxXSHmjOLn0Ar+JFZfIBxPZtqKwpk3uWSxoVFycqUCLDDSqRf2ySutpgR29sAHrwX2I=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:36:10 GMT
server: AmazonS3
x-timer: S1696611595.384461,VS0,VE0
etag: "4738353038981e781d2ef7a3930ffbf5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7232

GET
H2 200 explore-more.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 75ms
74ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfbf1436bf452e5623d63496ca8ec4fecd68b518f2b8f461f4a62d3c8f1cd55c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nzLq9ONcfE_htyhLXO9NsXqaHJwe93dv
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: 1FQSMN6SZP36VNSV
age: 95115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7705
x-amz-id-2: Vt5zoaq6tn9EP90OZ/cmb26j0khEK8TIqJjWGPreqogn7vog9JfD5gMjDTnfzP07ONC+NPHkFo4=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:34:40 GMT
server: AmazonS3
x-timer: S1696611595.384450,VS0,VE0
etag: "b01b35aca56f500625fb346048afd931"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 14297

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 374ms
107ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=18%3A59%3A55.301&id=7602&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 374ms
107ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696611595302%7D&tim=18%3A59%3A55.303&id=5816&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 374ms
108ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696611595314%7D&tim=18%3A59%3A55.314&id=127&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 373ms
108ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A59%3A55.342&id=904&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 371ms
106ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.347&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9942&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75512

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 372ms
107ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.348&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9329&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75512

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 146ms
145ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.352&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4525&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75240

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 147ms
145ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.353&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6176&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75240

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 147ms
146ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.358&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5538&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75240

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 81ms
80ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: TZRV815EMAFY1JBF
age: 44
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: v5SDmim5AHD1xUYx+tpwQ3ehER8nJJjDtZKSR7zLZUfaHgPhMWhJVk4BNKiXJLg3LG/QSQSHEMY=
x-served-by: cache-ams21034-AMS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696611595.412204,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 0
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 13

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 99 KB
100 KB 168ms
161ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 420c51139b8fcc2845a09842553569c73ac1265d44852111218d7e5d398af250

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 86
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_675%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 272701
edge-cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 759
req-referer: https://newstral.com/
content-length: 101772
x-request-id: f92386e17567b09e888c041fb9a462cd
x-backend-name: LA_nlb204
x-served-by: cache-iad-kcgs7200065-IAD, cache-iad-kcgs7200065-IAD, cache-lax10632-LGB, cache-iad-kiad7000025-IAD, cache-ams21034-AMS
last-modified: Sun, 10 Sep 2023 20:59:51 GMT
server: nginx
surrogate-reporting: width=1194,height=896,bytes=189417,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696611595.439241,VS0,VE86
etag: "208b5e98b1735467f15b4f9869c3cbb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 0

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 82ms
75ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1998174
edge-cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 391
req-referer: https://www.sciencealert.com/
content-length: 77796
x-request-id: 46cfbee3afc200499b4c7c1a1af0576b
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lax10659-LGB, cache-iad-kjyo7100056-IAD, cache-ams21034-AMS
last-modified: Sun, 10 Sep 2023 20:59:51 GMT
server: nginx
surrogate-reporting: width=1344,height=672,bytes=180925,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696611595.439217,VS0,VE2
etag: "71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 26, 1, 28, 1

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 63ms
63ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 3394759
edge-cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 35
expiration: expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.expertoanimal.com/
content-length: 16422
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100020-IAD, cache-iad-kjyo7100020-IAD, cache-lax10644-LGB, cache-iad-kjyo7100167-IAD, cache-ams21034-AMS
last-modified: Thu, 24 Aug 2023 08:56:56 GMT
server: nginx
x-timer: S1696611596.512803,VS0,VE0
etag: "ff39c8a01202a06ef26c0143701091ae"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 158, 2

GET
H2 200 1432131219__fZLnLoj9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 13 KB
14 KB 57ms
57ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1432131219__fZLnLoj9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1edce9f804688fe03f8aeeff0a6b5862ca9f23d71e42f18eaa9443dd80419b0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1432131219__fZLnLoj9.jpg
age: 700577
edge-cache-tag: 375514211737480955375029570367630459108,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 375514211737480955375029570367630459108,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 509
req-referer: https://sports.ndtv.com/
content-length: 13794
x-request-id: c88aedeeab2353f8518b3189838ba120
x-backend-name: US_nlb102
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100159-IAD, cache-pdk-kpdk1780035-PDK, cache-iad-kjyo7100068-IAD, cache-ams21034-AMS
last-modified: Thu, 28 Sep 2023 12:13:33 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=27594,owidth=2025,oheight=1480,obytes=1140726
x-timer: S1696611596.579555,VS0,VE1
etag: "f30535c2b3031d07a0c63ab716096722"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 90ms
90ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2944cb90199155797753e32e674ec4180513251c71b5d74a9f3baa9d62194aad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age: 743521
edge-cache-tag: 449086405388078158053108571683208432630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449086405388078158053108571683208432630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 331
req-referer: https://www.elmundo.es/
content-length: 13880
x-request-id: 3564a6b4d40fb098c56e6534b8ce7917
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200154-IAD, cache-lax10623-LGB, cache-iad-kiad7000125-IAD, cache-ams21034-AMS
last-modified: Wed, 27 Sep 2023 09:15:30 GMT
server: nginx
surrogate-reporting: width=635,height=317,bytes=14100,owidth=635,oheight=430,obytes=258520
x-timer: S1696611596.606673,VS0,VE1
etag: "2500b727175cbe5cc65e71bf6fff690d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 3, 1

GET
H2 200 6d9ea461ce8b785bdc07aa27fd83bee7.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_226/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
50 KB 78ms
77ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_226/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d9ea461ce8b785bdc07aa27fd83bee7.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83843164d6598339ffbb23f2b7a5ee21f6703008671c363343362b8b30b3982c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_0%2Cy_226/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d9ea461ce8b785bdc07aa27fd83bee7.jpg
age: 199314
edge-cache-tag: 579252943571043111744303529619892252310,599782121347679400521773195563462665136,29ecf9b93bbf306179626feeda1fab70
cache-tag: 579252943571043111744303529619892252310,599782121347679400521773195563462665136,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 232
req-referer: https://www.t-online.de/
content-length: 50734
x-request-id: 850398716708dd45a103b6dc83159fb0
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kiad7000138-IAD, cache-iad-kiad7000021-IAD, cache-ams21034-AMS
last-modified: Wed, 04 Oct 2023 09:36:43 GMT
server: nginx
surrogate-reporting: width=1199,height=674,bytes=115496,owidth=1200,oheight=900,obytes=79716
x-timer: S1696611596.606642,VS0,VE2
etag: "00940ffab709fa5e01d6b96d75cff4d2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3, 1

GET
H2 200 68ed89b2f48f183ee7d774531a337a14.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 91ms
90ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c34dd689c3d2e5e3369e0d0df84b5d852225767b5c8fbb642d4472d14a09cdb9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 14
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
age: 1429902
edge-cache-tag: 365167194386843551026551192643542346029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 365167194386843551026551192643542346029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Fri, 06 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.unprofesor.com/
content-length: 5782
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100151-IAD, cache-iad-kiad7000036-IAD, cache-iad-kiad7000128-IAD, cache-ams21034-AMS
last-modified: Tue, 05 Sep 2023 11:30:02 GMT
server: nginx
surrogate-reporting: width=460,height=256,owidth=1200,oheight=800,obytes=653026
x-timer: S1696611596.642677,VS0,VE14
etag: "14f814674a4c5035c7121c01614bff66"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 467, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 73ms
73ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2116533
edge-cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 261
expiration: expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://joydelivery.com/
content-length: 89246
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100068-IAD, cache-iad-kjyo7100170-IAD, cache-ams21034-AMS
last-modified: Wed, 16 Aug 2023 19:59:42 GMT
server: nginx
surrogate-reporting: width=1344,height=746,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696611596.642643,VS0,VE12
etag: "ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 42, 1

GET
H2 200 46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 66ms
65ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6090302c974abaf082b19cafc3af71e27c761ec5b07c98f4f19ba4b59af9d0f2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age: 805465
edge-cache-tag: 449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 243
req-referer: https://frequence-turf.fr/
content-length: 15790
x-request-id: ecb9eae3cd2ba4fc98ed930a32b6eabc
x-backend-name: CH_nlb803
x-served-by: cache-iad-kiad7000065-IAD, cache-iad-kjyo7100101-IAD, cache-iad-kiad7000044-IAD, cache-ams21034-AMS
last-modified: Wed, 27 Sep 2023 09:15:31 GMT
server: nginx
surrogate-reporting: width=635,height=352,bytes=15435,owidth=635,oheight=430,obytes=258520
x-timer: S1696611596.678533,VS0,VE1
etag: "9eef29181348c91fd85eeaf4c8fef123"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 11, 1

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
42 KB 66ms
65ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e631720f34cdbb1bb673d53f90ae973c986f01be81a8872edd0ba75129967fed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 1316294
edge-cache-tag: 469380595437447606234874652449541692371,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 297
expiration: expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.theoaklandpress.com/
content-length: 41944
x-backend-name: CH_nlb804
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kiad7000131-IAD, cache-iad-kcgs7200070-IAD, cache-ams21034-AMS
last-modified: Sun, 20 Aug 2023 10:18:06 GMT
server: nginx
x-timer: S1696611596.678515,VS0,VE1
etag: "bf7716b13e632f6729ca265e0367df1c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 47, 1

GET
H2 200 1432131219__fZLnLoj9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 43 KB
44 KB 62ms
61ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1432131219__fZLnLoj9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7d1941147b713138c439ada82e1c29cb23c9fd9cdf1dc1cfacdcd394aff10a6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1432131219__fZLnLoj9.jpg
age: 691162
edge-cache-tag: 375514211737480955375029570367630459108,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 375514211737480955375029570367630459108,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 902
req-referer: https://noataque.com.br/
content-length: 43924
x-request-id: e055186309bfa818aec999ba17c3ef85
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100176-IAD, cache-sna10722-LGB, cache-iad-kiad7000121-IAD, cache-ams21034-AMS
last-modified: Thu, 28 Sep 2023 12:13:33 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=95443,owidth=2025,oheight=1480,obytes=1140726
x-timer: S1696611596.729756,VS0,VE1
etag: "ad4dd6477dade8c7d33436eb1f673a6a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 66ms
66ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6761
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08jdqQJ%2BuwJJtnKKEl1zpvCCnpLJtPu%2FLXvdG0zNVw4VVknExAV5Ky3tIocY1FdWRJOedwBUza4cPJDIv9vcqV7ZtU4EfqKpsZX%2Ft6npx4qjiumqN6M9VctWFntYTBnBwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 811f75276bfc2a16-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 691ms
175ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 8a997bf054ccd510533594c61d68b205139c3eb24e919dd4ebda96fc6a7a3ab3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 52 KB
18 KB 134ms
134ms XHR
application/json 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&referrer=&async=1&uid=8720108427&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b0a9df12153352d15ddc84b8ce4f391fe631ed96cfa0472ac3dfddea39dc9ec2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 642ms
319ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8254678464147249&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 200 next-up-widget.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 58ms
58ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca4ac0e6739de3f74265d0d315e01c79304d7c806d3b4e60b348e8d0d6b0f255

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ba0r1Ta6wpqXP4e8O6DpcqLr0dRlf.Tk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: BSETTFGC6QQ1GBVX
age: 95082
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: +7xxEIvgu84jxq/00BpshxtYt8wTeNg99NqScVmO+xiNIRLL7jwq+p05rxrHrKXcvlvrq8diteQ=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:35:14 GMT
server: AmazonS3
x-timer: S1696611595.482005,VS0,VE0
etag: "a3cf22a21dd2d4b686ce14a9e2834a9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3412

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 114ms
113ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1465%7D%22%2C%22eventTime%22%3A1696611595526%7D&tim=18%3A59%3A55.526&id=8288&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 113ms
112ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A59%3A55.562&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5469&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 74607

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
988 B 468ms
68ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 15:25:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H2 200 spa-detector.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 73ms
72ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07484cc5c4459104a809bfb7d227ac3beaaf0424da333e640669339201943e66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lQH2_VFKv6gmc4GuKBb9CZFD.KKQHW7I
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:55 GMT
x-amz-request-id: TRPCG6SET5BPS3A7
age: 95061
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: uXmoaXre2sWlE/hFWyXygSXuSELlSd+3gKLONJOsTVdsRTjz3pm7vSjeaQenjNmptFGP5wG9cHg=
x-served-by: cache-ams21034-AMS
last-modified: Thu, 05 Oct 2023 14:35:34 GMT
server: AmazonS3
x-timer: S1696611596.606630,VS0,VE0
etag: "2d2ae3a73b62b76cf931a21826ba643a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 15285

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 114ms
113ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A59%3A55.563&id=8955&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 115ms
114ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696611595568%7D&tim=18%3A59%3A55.568&id=2958&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 115ms
115ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A59%3A55.571&id=262&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 115ms
114ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696611595572%7D&tim=18%3A59%3A55.573&id=763&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 container.html Show response
ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64D2 6 KB
3 KB 52ms
52ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:55 GMT
expires: Sat, 05 Oct 2024 16:59:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9DC8 4 KB
2 KB 46ms
45ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6a11abd8c0f2ca74738b1c5a7b3737c64a40f5af71a3a51ec21f2125898c150d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1436
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
123 KB 537ms
60ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125855
x-xss-protection: 0
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 57ms
56ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 60 KB
13 KB 61ms
60ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 13:43:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651c1a89-ee50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 88 KB
23 KB 84ms
83ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=408ded0117167cba89cbc03d97149c7a
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 30d4b5c37756882cba7485ed2fb9aa7584706169e009301a994501fe42d79759

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 13:43:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651c1a89-160d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 87ms
87ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 291 KB
98 KB 116ms
113ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0875d75edd6527852997d30004de822aa3a2f1e5e08d6cf2b43adc02ad8ee912

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 13:45:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebdf6-48a27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:55 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 137ms
135ms Stylesheet
text/css 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=80339d67-ee1f-4bbc-8100-3be55325f37e&p_id=23

0
151 B

112ms
111ms

Image
text/plain

185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=80339d67-ee1f-4bbc-8100-3be55325f37e&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=80339d67-ee1f-4bbc-8100-3be55325f37e&p_id=23
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f496ca80-ff69-4693-a65c-ce5f66fbc2fa&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f496ca80-ff69-4693-a65c-ce5f66fbc2fa&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=ae898cf8-9bc3-5217-b76e-8a48d24eb744&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&p_id=15

0
154 B

251ms
107ms

Image
text/plain

185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&p_id=15
date: Fri, 06 Oct 2023 16:59:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 103ms
98ms Image
image/png 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Fri, 13 Oct 2023 16:59:55 GMT

GET
DATA 200
OK truncated
/ Frame A06C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc81f4aec841ac244eb4a44922f3323a822c380f571837b38dc81183697cf280

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A06C 0
0 537ms
89ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvtz35UeUyB35vY-RV5JPQ7zgn0saLresn9GlnKRG9uGzE7IBnEqA7MS237SJrfxEimxchfuMQMvY9fBIs4TqRxloJfW2PKOut6LVpHH41OSxYxEzI3E4E7Bil_dYMHv0GcDPtXFHPxqx8Jfc7TrXrP2Ls-aiRrJ21DHxJPZqlm2hy3q-KnpJ5MELRBOXSZ2v0jBOwMvfy2K-lHPUtrHAAfU3BpajYO9ouVsGob3jq3VTFZPA2T_jP3nG-e-pNrtrZsQtBA45xQa0oDbkqNbuwHj9ElcEVFw6fESFZ_G-GdtvNnRE7XNgcyHpwtFKMFGQ3aIAq&sai=AMfl-YRYfIQ2IiENsi-2OTAqdYP52yiFFv1quNKHAz7ucLqUjwxBFSvAuHdcyoIzfbmacCuCVYIZdenrKnK1GMcAtEIIWIueeqiNXSDHTnyMnvVAezbMMmD9RQDltb9OGU9Hnv0G6PaR43IAeUYNICY&sig=Cg0ArKJSzKSnxbL7UTwGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 121ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9058&lti=deflated&ri=97b03ae081ddb7884ec19f0de2669eb0&sd=v2_cb47ac2b5418a39eb8faa685f244071b_8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a_1696611594_1696611594_CNawjgYQ2YJdGJXkua-wMSABKAEwKziy0A1AzYgQSPag3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a&pi=/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&wi=5462523502560842086&pt=text&vi=1696611594773&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.015625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A59%3A55.676&id=2268&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 85ms
85ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1461139
edge-cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://footballitarin.com/video_page.php?id=127686
content-length: 7746
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kiad7000084-IAD, cache-iad-kcgs7200049-IAD, cache-ams21034-AMS
last-modified: Thu, 24 Aug 2023 01:18:11 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696611596.771584,VS0,VE1
etag: "d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3, 1

GET
H2 200 46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 86ms
86ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 782c942b06bffc2d4601b284b77627d35394c044b55aab733bf714bb27303cee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age: 735135
edge-cache-tag: 449086405388078158053108571683208432630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449086405388078158053108571683208432630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 423
req-referer: https://de.ccm.net/download/downloaden-4422-tftpd64?n=1
content-length: 3694
x-request-id: f6abc60acc19c6b89e20f98d72ea2a95
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kiad7000032-IAD, cache-iad-kjyo7100081-IAD, cache-ams21034-AMS
last-modified: Wed, 27 Sep 2023 09:15:30 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=4966,owidth=635,oheight=430,obytes=258520
x-timer: S1696611596.771569,VS0,VE1
etag: "e240b75b7042eb74f1696e88a19c6b84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 85ms
84ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 62c9f3349dd35e235fde6fe35230733f918c53c10b9dde9e682b9683c9706cb1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 16:59:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 1481127
edge-cache-tag: 469380595437447606234874652449541692371,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 117
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.msnbc.com/
content-length: 4708
x-backend-name: US_nlb106
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000024-IAD, cache-iad-kjyo7100133-IAD, cache-ams21034-AMS
last-modified: Mon, 28 Aug 2023 12:21:14 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1344,oheight=896,obytes=1243876
x-timer: S1696611596.771501,VS0,VE1
etag: "c5e9dd0035f7668ba0fccfca78b9ee91"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 161, 1

GET
H2 200 css2
fonts.googleapis.com/ Frame 64D2 4 KB
1 KB 312ms
67ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 15:52:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 51F0 478 B
531 B 583ms
114ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGPiexvUBMAE&v=APEucNUqmiIfUKPUdKVFDgpqFCaFZz8kzg1y6q72UNjsMt7j8HsqRVCupQK0lmxksUtbLJvLgCnETUowMGlEo3e1TxGcSlfB9A

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F5F2 89 KB
31 KB 642ms
192ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F5F2 3 KB
1 KB 509ms
59ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:59:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F5F2 20 KB
9 KB 494ms
45ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F5F2 0
0 529ms
60ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTruX_etSaiB1uLcAyeoXIDIBe6aorCWBURjRU5H1BaW8m4F48PpkwEW9nAA4-kAfVPmiFxXfwp610APRxj0Z0e16m8Bg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5F2 187 KB
59 KB 93ms
87ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F2 42 B
110 B 586ms
137ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APtLNzqTTPSbY5BAUHGGT4boltS26flPd6mMVXNXIhwXE5WKwzWtMZX8TcvypmRlsGzBrjDCDGtdcVLYgtphF-mIuu3dgvxf1e4AUGIjbN9Zggwb0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F2 0
121 B 585ms
137ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7830363104976621317&x=1&ct=76

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 64D2 20 KB
8 KB 501ms
52ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:52:29 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 9DC8 43 B
443 B 192ms
48ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:55 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 06 Oct 2023 16:59:54 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LNEUQLS6-15-AC5B&gdpr=0

0
291 B

75ms
75ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LNEUQLS6-15-AC5B&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LNEUQLS6-15-AC5B&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4056016590402551421

0
291 B

62ms
61ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4056016590402551421

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
an-x-request-uuid: 4917ac2c-3027-4c26-b67b-bf52c5d50c9e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4056016590402551421
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=0

0
291 B

106ms
105ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696611595933007-512
Expires: Fri, 06 Oct 2023 16:59:55 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9DC8 42 B
773 B 286ms
79ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9DC8
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXudfC8kTnDS1fcLC3KkRE2vEc3rnUFXw

170 B
243 B

221ms
92ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXudfC8kTnDS1fcLC3KkRE2vEc3rnUFXw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXudfC8kTnDS1fcLC3KkRE2vEc3rnUFXw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=2592130196638579605

0
291 B

101ms
100ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=2592130196638579605

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=2592130196638579605
date: Fri, 06 Oct 2023 16:59:55 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 9DC8 0
0 206ms
60ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9DC8
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P0_9b__Zcua6GTwGtbCYUdUOqxK18dzrJ-G1S5kdNko

43 B
479 B

741ms
192ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P0_9b__Zcua6GTwGtbCYUdUOqxK18dzrJ-G1S5kdNko

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J82J5N9S7J6HYV2FQ134
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P0_9b__Zcua6GTwGtbCYUdUOqxK18dzrJ-G1S5kdNko
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1ODhEMTYtQzIwOS00NjA0LUJDRDgtQzhBQ0FBMEE1MkJG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1F588D16-C209-4604-BCD8-C8ACAA0A52BF

0
291 B

60ms
59ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1F588D16-C209-4604-BCD8-C8ACAA0A52BF

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1F588D16-C209-4604-BCD8-C8ACAA0A52BF
date: Fri, 06 Oct 2023 16:59:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1

0
291 B

76ms
75ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-7_EkyulE2uEVexT4cU0Xoy1sYbhgbvQhN3Lnq_M-~A

0
291 B

56ms
53ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-7_EkyulE2uEVexT4cU0Xoy1sYbhgbvQhN3Lnq_M-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-7_EkyulE2uEVexT4cU0Xoy1sYbhgbvQhN3Lnq_M-~A
date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9DC8 70 B
149 B 286ms
122ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 9DC8
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=hSlrAIB4aVOeLTwJgyt0AoUualSeJWxU1SyZ_kl3
https://onetag-sys.com/match/?int_id=30&uid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&gdpr=0&gdpr_consent=&us_privacy=

0
291 B

76ms
75ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&gdpr=0&gdpr_consent=&us_privacy=
date: Fri, 06 Oct 2023 16:59:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

400

sync
ad.mox.tv/delivery/v2/ Frame 9DC8
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5

0
56 B

97ms
97ms

Image
text/plain

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=4GwVc_bKEe_-zzSsSheXfOEPORzlh-2WgizO-sfmzVw&p_id=5
date: Fri, 06 Oct 2023 16:59:56 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 571ms
118ms Script
application/javascript 18.238.243.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-102.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:49:07 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 781
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: TSqk6cU_nj1Oj7TUPnoNXbAkyFiHfm0cfNbrNsnXEY3f-4JstnslYg==

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 63ms
62ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93YW5nLXlvdS15YW8tcGFuLWhlbmcteHUteGlhLXRhaS1udS1wYW4tZmVuLXFpLXpoYS1xaWFuZy1zaGVuLWppbmctYmluZy1nb25nLXJhbi13dS1ydS1iZWktcWktc3UuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTRiNmI5OTU2LWM5MDQtNGRjMi05ZjdmLTU4MzdiMDI5ZDljOSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxN2MxZTI1MS0zYzZmLTQ3OTQtYTUyZS1kOWUzZjY0NzQxNmIiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2NjExNTk1MTQ3LCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI3Njg3YmNhY2FmZDZhZWYiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDk4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYxMTU5NTY1Nn0seyJjcG0iOjAuMDUsImFkSWQiOiI4MzRmOTUyY2IxN2M2NWIiLCJvcmlnaW5hbENwbSI6MC4wNSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY1NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MTE1OTU4MjZ9LHsiY3BtIjowLjAyMjg3MzQ5OTk5OTk5OTk5OCwiYWRJZCI6Ijg1ZjEzYmI3ODI4YWZkMyIsIm9yaWdpbmFsQ3BtIjowLjAyNjkxLCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjI4NzM0OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjcxNywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MTE1OTU4NzR9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoicnViaWNvbiIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODM0Zjk1MmNiMTdjNjViIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxN2MxZTI1MS0zYzZmLTQ3OTQtYTUyZS1kOWUzZjY0NzQxNmIiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2NjExNTk1MTQ3LCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI3NWM0ZGQyMWJlOWQyY2YiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDk3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYxMTU5NTY1NX0seyJjcG0iOjAuMSwiYWRJZCI6Ijc3NDVlMTE4MGQwMTY5MSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0ODYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NjExNTk1NjYxfSx7ImNwbSI6MC4xLCJhZElkIjoiNzhkZTEwYjIzODlhY2Y0Iiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ4NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MTE1OTU2NjF9LHsiY3BtIjowLjEsImFkSWQiOiI3OThjZDY5YzJlNGVmN2EiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDg2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYxMTU5NTY2MX0seyJjcG0iOjAuMSwiYWRJZCI6IjgwZGZhYmRkMWFkYmI0OSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0ODcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NjExNTk1NjYyfSx7ImNwbSI6MC4xLCJhZElkIjoiODFhOTA1ZGRmNGYxNmE5Iiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ4NywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MTE1OTU2NjJ9LHsiY3BtIjowLjA1LCJhZElkIjoiODJmNDlmNzk1MmNjN2ZjIiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2NTUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NjExNTk1ODI1fSx7ImNwbSI6MC4xNDgxODA1MDAwMDAwMDAwMiwiYWRJZCI6Ijg0N2ZlYmZkODljM2ViZiIsIm9yaWdpbmFsQ3BtIjowLjE3NDMzLCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAxNDgxODA1MDAwMDAwMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzE3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYxMTU5NTg3NH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4NDdmZWJmZDg5YzNlYmYiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMTQ4MTgwNTAwMDAwMDAwMDJ9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4319.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 410ms
410ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2775816213619405&correlator=181309638167882&eid=31077232%2C31078601&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&arp=1&abxe=1&dt=1696611595898&lmt=1696604395&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=525398678.1696611595&ga_sid=1696611595&ga_hid=1151098569&ga_fc=true&dlt=1696611594063&idt=779&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_0%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0%26refresh27Split%3Drefresh_control_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.14%26hb_ap_adid%3D847febfd89c3ebf%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=2102018513&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4acc004d58062d88d6b1e5aa2538a94694ef561dee420c4beffc8fc753e36201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12011
x-xss-protection: 0
google-lineitem-id: 5221734854
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441539647
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 567ms
567ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2775816213619405&correlator=181309638167882&eid=31077232%2C31078601&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&arp=1&abxe=1&dt=1696611595901&lmt=1696604395&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=525398678.1696611595&ga_sid=1696611595&ga_hid=1151098569&ga_fc=true&dlt=1696611594063&idt=779&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_0%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D834f952cb17c65b%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7890b4033206369bca34e7c7cee6cdb0b1e24bed086f0352a693a9242f087ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12814
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6965 577 B
500 B 115ms
112ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=undefined&cb=1696611595962&uv=3345&tms=1696611595962&abt=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=db5335a2-cd38-4562-8693-525240abe97a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16c7150b21f16ba5d49d7f7a4c13042d022097b8c032ffd9761595fc760f47fb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 16:59:56 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ams21034-AMS
x-timer: S1696611596.047269,VS0,VE3

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E420 577 B
672 B 280ms
61ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 16c7150b21f16ba5d49d7f7a4c13042d022097b8c032ffd9761595fc760f47fb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 16:59:56 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
741 B 349ms
347ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696611595980&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=318840071&tz=120&viewable=true&ddast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1466
x-cache: MISS
x-served-by: cache-ams21034-AMS
pragma: no-cache
server: nginx
x-timer: S1696611596.047300,VS0,VE252
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 267ms
50ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=31589837&cb=1696611595961&uv=3345&tms=1696611595961&abt=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696611591561.5!ts:1696611595961&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6965 70 B
148 B 70ms
69ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=undefined&cb=1696611595962&uv=3345&tms=1696611595962&abt=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=db5335a2-cd38-4562-8693-525240abe97a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6965
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

0
98 B

106ms
62ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=undefined&cb=1696611595962&uv=3345&tms=1696611595962&abt=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=db5335a2-cd38-4562-8693-525240abe97a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25065

Redirect headers

date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
content-length: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5A44 18 KB
8 KB 207ms
133ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e91f267907b098b75ef07eca4c4f899b6acb8b77eadf31eba09f7f10bdc4961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7891
x-xss-protection: 0
server: cafe
etag: 13075248936262084949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 0E5B 714 B
614 B 87ms
85ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 11790
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 811f752bfb2e2a16-CDG
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 16:59:56 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c1akiK6QWF17H1dcRxedFWcNkKA6u6LDYSr9qu5o9iya6qCeW%2FWl%2BEc3mNCn95OYNEVPfclsZd2aie7TYZXaCBbZ6h4W6z%2B4mWkW4%2FMaFfRcjTNaSvyYwDPBozDohMnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2A03
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

60ms
50ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 16:59:56 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Oct 2023 16:59:56 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET

idsync
sync.aralego.com/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a5ade25f-16ab-3780-a743-594383c25293?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-OwoXfAJE2oU_9apPpgG3bxf3ZT02LLg_3bVIlys-~A&redirect=

0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E3E2 281 B
554 B 255ms
100ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=undefined&cb=1696611595962&uv=3345&tms=1696611595962&abt=adxLoadDist7-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=db5335a2-cd38-4562-8693-525240abe97a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 16:59:56 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1065ms
258ms Fetch
application/json 3.233.156.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2Evd2FuZy15b3UteWFvLXBhbi1oZW5nLXh1LXhpYS10YWktbnUtcGFuLWZlbi1xaS16aGEtcWlhbmctc2hlbi1qaW5nLWJpbmctZ29uZy1yYW4td3UtcnUtYmVpLXFpLXN1Lmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
245 B 400ms
399ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2Evd2FuZy15b3UteWFvLXBhbi1oZW5nLXh1LXhpYS10YWktbnUtcGFuLWZlbi1xaS16aGEtcWlhbmctc2hlbi1qaW5nLWJpbmctZ29uZy1yYW4td3UtcnUtYmVpLXFpLXN1Lmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 05 Oct 2024 16:59:56 GMT
date: Fri, 06 Oct 2023 16:59:46 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0E5B 99 KB
29 KB 124ms
123ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf488de239ae656f5f391bfb3148cc6f59f95dc682c0ad107575b6d9acc58e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29530
x-xss-protection: 0
server: cafe
etag: 229 / 19636 / 31078612 / config-hash: 7682450070620400040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E420 70 B
148 B 82ms
78ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E420
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

0
98 B

106ms
62ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25065

Redirect headers

date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 526B 281 B
554 B 165ms
72ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 16:59:56 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0254 0
0 84ms
84ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDNNYLJYwq4aM7Iv0qVBrn5FVZtnr6oA-8FHRTHQRBAsZO9_DidM4PLrvYX8OiYxNd3NQytfBw1DBKmNCP67NC77j5etB0Dg-rC5F3zu5JT0yAAKVjLtmlpAEIrg4aRVZEKFhUm781lJnIe7v4aXekFGfbQ9DuohnNfXn2U8tbICHDDHaT60uMzKRbgU474ntNGSK5A61tOac6YM9c1j2JDWKN9bHcncdINTgPVYbcc1bj_cw-btG1HujZ13a2DzujZsGTxx2gF-FBNFsEIz58HiaH7f9H3ITGJEA04UaPjxdDv3doq8OVg45sVfirxLyl&sai=AMfl-YTtT1q0J-ZVwxuMMgRmpOL2X1HWiV69ft4QD4ktK_4drA7DJL9Qsgz-uWf3gL_zCh6GplCsiaOyECwgYIm9ZAdi1NH7ulptqDe3-1ZydheAbjw1T-VuSwo6m7ubOQ&sig=Cg0ArKJSzG0jXVKKBWAGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 1009ms
329ms Fetch
application/json 3.233.156.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5ACC 287 B
168 B 91ms
85ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNUc7-P9Cb6pDvvoRoSWNQvpfuQpk22su-vAQsKHO6cqRkcLlovStdWn9Ccq-O6hOPR-s6EryYALpBKEQchFBkP68cz0TlJTijofne0jmOvc8h9zRhA

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54fceb645bc52a6e4d261bae97e40d4b3fd1307d8b1ddc1845307214605fe0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0254 89 KB
31 KB 156ms
150ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 0254
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c&google_hm=YWRjZGMxZTUtYTljNy00NTc1LWE1NzAtMGM2YTlhNTU...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECMBmaSzYpvaXKdoDy8d53w&google_cver=1&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c

43 B
145 B

59ms
58ms

Image
image/gif

18.158.212.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECMBmaSzYpvaXKdoDy8d53w&google_cver=1&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 18.158.212.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-212-148.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECMBmaSzYpvaXKdoDy8d53w&google_cver=1&ssp=themediagrid&bsw_param=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCU0YBCz0gZYfbHtHyzQbsmofoCvnOx5hzpeuEvcIRZBABIIP95h9g9c3HgdQEo...
media.grid.bidswitch.net/imp/sNWzM0WZiOxssH6YZt6W0VDeOsu5REWYquUws-Lsyga2Ln3_5up8v5tAyLs0mM6RK_80u0Uu1TqSmWIFXVF0zPlUVfGCcJalbwJ-OuACwWwYvTdHExi8LnfS7spI0oztlcQuKVP8DbMChwWWJ8jNVt4oMZaGnZMLdZRW8tdX... Frame 0254 43 B
196 B 329ms
63ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/sNWzM0WZiOxssH6YZt6W0VDeOsu5REWYquUws-Lsyga2Ln3_5up8v5tAyLs0mM6RK_80u0Uu1TqSmWIFXVF0zPlUVfGCcJalbwJ-OuACwWwYvTdHExi8LnfS7spI0oztlcQuKVP8DbMChwWWJ8jNVt4oMZaGnZMLdZRW8tdXEIl5Lt6xkNcuzcAJB37sUxgfgbByzJiR6Sf6RvOE3VE3YIrNujjVBTFuRqB5iCS-SM__UpXSHKUWUOvB5jX1uyHUWizLJpxeUmB7i0u0DS1TWZ2o82S5GxW-B1jaEkMoOlMj9IyGQhv1_dQYP2MQEh_oL_QiYLLAplY5Q2Rt3VAhBdadnfm1QZzdjAg_k4QDsGobgI3XR2o5vXZuLAKF9KYUgBWEVKH_ciH8gUhwqS9nz-USgzZjzEbWRBqkBrYzKxMXkMdMMLc1d17AX69NNCv1bHcy9hHBxnZMXNpWHjx4E7EnTx7cvRZ120S9t6kcYbuUBaNWbCCSD0VINteMIThLb-uKDjRFvLq78RYgUN_O7vQhZ4i80x2fewrreOtP3au0GVE4qbF_CjYD_aUIGNRw4WoST3v4u8dcQXMpNv72hGRSEfO_GkSV1V_9NJqQSPPRKgj_2web6jB_ofIJLWAVo0xuse5OdWBxvzHE6PCd1mn_yBM4scS4RsORgztexzZ0bUBpBg2kkmVyT4VlcaTQtTvqHKI2ppFDfD2ANpZrTW9qu3nNPdSDm5WlXWDqY0Trt3-O6jKEoBurEG3qaC_B8SyNuhMb7pVaGSpixrQrmOfXt7yw4rxW2QPORfb5LIeFTVHdrN10VbRJgMN69QBiNVkJrMzpCpOIDn1M_EqX_FPdcJzEMpq2ljcGaD35kDbqiyWGjnX8IH89AnlJyfGrDxdUEQwGfKmCgeMb2gNmVu9FeIWwb8Vl9dHgOG_yS3g4l9kSI8D4Xud6l681dEF6yNK0ftSXNxEF0XC3M9fAt2zuE_wAV1VUy22FPT1s9nENCK4dV9seQ25rks6ZaxcwGdaYn1B2o_qIsNv3K-qpJGw8Sh5qDH0t9qb2uHIdaBqohj_OzN6dWrZuYYZKpzpsSJ6SbreAhLoIqM8vCtfdKz9KDpJC8gOvWmJWbvcZyaKRJ8qWfRJ5W-AnhPDmhWwm9t9yvZZlt0NAH9ASsqjr-dJnB1VYYvuO-6urCQl9127WWQHrAY2DUhD0XEXUclvzQLINettKpjySO-1xNghj7lfemIr_GZEyJzLL1tZFqwLI9MU5ULdw4Fk/billingt538bn_UkU2RP92QFxBZjrUhP0pyNYULLDJH0Q6j6nRd7mQO1g/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCU0YBCz0gZYfbHtHyzQbsmofoCvnOx5hzpeuEvcIRZBABIIP95h9g9c3HgdQEoAHawYqYKcgBCakCeRHvWpZjsj6oAwHIA5sEqgT____AU____Qk5NGAIm4yxGfhqAqJ7PKgBteBkmLgPvNYm2iZsNjPXq3X8CdA8RtSJogj7JW5p1MFgzq4PP2cnX-prF853nlwcUrK8qXgevdApJSdxiktNDJud71GQeSksNT3k1ck5PMjU8wxTJX4j5B4BQQtvehp4rlPvYVRBGSeY0u5BP8XCkuTJnx9Ayyd1eD4cBG4ReZ3Tj8umEix1IGjfgdDrqOIMOuazMgbo7vo2vHpwLEvqKF3cmozJgc3y5E0x9ZHWC4ubETtoOI6anDSdR5mCbjETdjyWG019aANvpaWTd____hcLFT1fPo1FX-vHHNSby____sTK4rZXrZcDcNDjOqiKr8AEg76DqLME4AQDiAXll8joS5IFBggbEAUYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH2vna9wOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDH6QsYgduS8AHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIGmJpZGRlci10aGVtZWRpYWdyaWRfNWFhZWRlgAoEyAsB2gwQCgoQ4NjJpfLGvewuEgIBA7ATjdLvFMgT5qad4wPQEwDYEwqIFAHYFAHQFQGAFwGyFwgKBggAEgAYAOgXAQ__Jsigh__RTQt5e2thAQY__Juach____m__R__EUACH__F__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNilFrJwk5RsYVavaVj0Vk____wF1YUHsMVNmzQ-cM1ZKC0mqYm-F-wEeQuO0KIwjGAE_BI0yZsLZe5zyLvyjn6oNunfXnTr-oDFZUZs3Q38UiDxaq9jPmKssz8RhdlMWyDM320cdOd2lTMuvhIGcQAE2Q7TvXMJWAIaGmhzMFICfMDvQhVVzFcf48lgtzWYy__-RzhOFfkDi__B1a30VWBqAHxU9wHdIcK-tBLYQYiGiIJop__Cu0M2d6xrCDpyyy9Pv9wOv6WRG-nkjTydReusyvZSs3ofxA97TXNyDCP4S29ufa8b0Pu2Vh__iendjIPVBncJBenQKW__5gnCSCbMCSLLbBP__ZFYulEcqiTIcLXooAC5Qr9AUYAbSfskpUzq62LvPeLOcuUGlHRGg9WFyXydHsteVgxQI-__TtJ4UAF7TB-GW1xPdc3F__1pW5o__BdYnCVgeppaHvAYpOkfpyGnOE77dxYUPtGajynFuQeJD1-n99qIOiBggo6mGj1n27Mr7JFT9PkamRuiJpZyDK0ktGjmU0JLtdw9hXA9rAq2ooGmflMd8387Kn-jRWw9TspTj-9hdbW3Jv2x1t78iDAb8gtLluc3FcteRbfih8q9P-MCL3aegY7EkcCdD8rY7IVv0Nbsrp8X678FURokYbL5Vc1biR36ae76gdc5yYTtEfVXCSOs56irC9j85G1wEJz7xzLwwRHX-pgwvLoUjFNOydfoSlDPbBGQfRv5ejkTrIDnCHfjANTRpWWkjbK__-Nh6x0WIMXnjcHLAeab9__zsyxui1IX8GuJa6yMT5y0aqaPklc5chYhPPxnWUISJR-88NN05-cRNbmnPSOe7bKBrMsIaRiFADVWcizIzKQKZNjGDhpkEtDNi0T2WXPf__DuMTgbQpCc1HcBMFgxLuAKMVc8RMHompIAvJkuP71cqonakPRFnXuJKTua7yXk7zxuu1BEnUQs9fZ5zm__OmxKzNxCBDCA090aVWMZCCnVA6TJBqHkJzv9Lq673RztS5plwazBM7v7KwC1OXtz5J5gZUpwA__yCpHU-QvFkuJJXe4sKo09LuJrPBI9a0lYMarq3f5bht7xVPinTM6S6nPZ7Bd3Zv1K4Zn55m-HOH7ysauS2nJw0G5huA__-eI8atRWhXHSbRe3TB__XaGhG4rZiSJqhBTfq1U4Fyqslvtf__f4xjjarApRoHIvS3e3zNIl1w08lUaV-begTf0tRWHOO__aDo4Y7Xl4cyu1EUfwNJiTgUQrjL-Tp-760SY8Qgb2Du-5I82ZxMpxL35dfhXxfJEFrDNdtjTpHUYb7sCxMxhqkdaCbTz4m2GFNIz44KByskisrbGcFv3ENVX6W55awA_B
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 0254 0
122 B 579ms
72ms Image
text/plain 178.250.7.62
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=bg3.co&bid_id=be9cde5a-e985-433e-a1b2-7c4991b500f6&ads_txt_id=GJXPHY&has_bsw_id=0&bid_price_usd=0.17433

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.62 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0254 42 B
107 B 78ms
73ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJDbSSanb4lSM6NFiXCFhaDBpmFPh9E6P6x8uR6Avn5JUAiNNiQ47JxZcuKQ7N4uF0iVTb0o0-6uDD5M8xzsHXYjyztZGZK3_RZJ33phbGYrHJSbE

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0254 0
56 B 127ms
123ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8929144024503425660&x=38&ct=76

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 934ms
270ms Fetch
application/json 3.233.156.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da Show response
a.teads.tv/hb/ad/ Frame AE4D 5 KB
3 KB 77ms
77ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/ad/d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3093d066508b153250f441ad66ad98dfa058b82eeb2e5dfaa2e4384c2c2e54b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2548
expires: Fri, 06 Oct 2023 16:59:56 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 844ms
182ms Fetch
application/json 3.233.156.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0254 187 KB
59 KB 92ms
92ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 58ms
56ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93YW5nLXlvdS15YW8tcGFuLWhlbmcteHUteGlhLXRhaS1udS1wYW4tZmVuLXFpLXpoYS1xaWFuZy1zaGVuLWppbmctYmluZy1nb25nLXJhbi13dS1ydS1iZWktcWktc3UuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTRiNmI5OTU2LWM5MDQtNGRjMi05ZjdmLTU4MzdiMDI5ZDljOSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDE0ODE4MDUwMDAwMDAwMDAyLCJyZXNwb25zZVRpbWUiOjcxNywibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYWRsaXZldGVjaCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMTQ4MTgwNTAwMDAwMDAwMDIsIndpbm5lckFkVW5pdElkIjoiODQ3ZmViZmQ4OWMzZWJmIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjE3YzFlMjUxLTNjNmYtNDc5NC1hNTJlLWQ5ZTNmNjQ3NDE2YiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4771
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 58ms
56ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93YW5nLXlvdS15YW8tcGFuLWhlbmcteHUteGlhLXRhaS1udS1wYW4tZmVuLXFpLXpoYS1xaWFuZy1zaGVuLWppbmctYmluZy1nb25nLXJhbi13dS1ydS1iZWktcWktc3UuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTRiNmI5OTU2LWM5MDQtNGRjMi05ZjdmLTU4MzdiMDI5ZDljOSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJyZXNwb25zZVRpbWUiOjQ4NiwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDEsIndpbm5lckFkVW5pdElkIjoiNzc0NWUxMTgwZDAxNjkxIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzIweDUwIiwicHJlYmlkQXVjdGlvbklkIjoiMTdjMWUyNTEtM2M2Zi00Nzk0LWE1MmUtZDllM2Y2NDc0MTZiIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4786.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 51F0 170 B
188 B 57ms
56ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGPiexvUBMAE&v=APEucNUqmiIfUKPUdKVFDgpqFCaFZz8kzg1y6q72UNjsMt7j8HsqRVCupQK0lmxksUtbLJvLgCnETUowMGlEo3e1TxGcSlfB9A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 51F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1&C=1

43 B
768 B

156ms
155ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGPiexvUBMAE&v=APEucNUqmiIfUKPUdKVFDgpqFCaFZz8kzg1y6q72UNjsMt7j8HsqRVCupQK0lmxksUtbLJvLgCnETUowMGlEo3e1TxGcSlfB9A
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjMau9zxnpLA7tNzZopw2LoeKSWu1E7BaFicTHyD3YpXkeIS6hn3Kvw06WyQ%2B4N0hn5EwoPdfV8sRNNy8uIps8glPm54UZlm2ew440UJ%2BPzBrHo6p21E8EShD2QsWDKfqusZhxvaq%2FtceQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811f752f390f3cb0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzIgywPhcvzVyD7vcSaURYXSYD6RMAWfi0e8PUReQq6WDWkT78CSM76zkRNOdigW9E1KMV537LtlvEiytUEEOw8PnFM%2FITj9mL9EX8Zsyb3VnQV9XkHo5dV7F7F3w2vs%2FyJOIPY627WhaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 811f752e5e6222b6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 51F0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSA9DHkPdEdz-JEcThEN3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1

43 B
739 B

124ms
123ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGPiexvUBMAE&v=APEucNUqmiIfUKPUdKVFDgpqFCaFZz8kzg1y6q72UNjsMt7j8HsqRVCupQK0lmxksUtbLJvLgCnETUowMGlEo3e1TxGcSlfB9A
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqnoXJ%2FYYdO5L0A%2FQXgsShJXGeMIU1Uu2APBJWbIeY5NpAlWod2%2FZLWqbSS2esDxm6girudanfTlPJHS%2FCiIZHLoNs4BAIcKmrb%2FrHano5DFe5B2ojgayBQzHjFyTJW%2FEhaeIN6%2Fx9AIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811f7530ab4c3cb0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHb_Y4i66WlIeh1BN4dyIrg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_4_5/infra/ 882 KB
144 KB 59ms
58ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1696324689
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 28GN26TKG1TC4BS6
age: 286793
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696324690
x-amz-meta-mode: 33188
content-length: 147342
x-amz-id-2: fue1scgTwarUiwNeqvoRj3W2GkqsOvTiRYnbJGIRZQF2dqOoXKuB2HdKnOn7YFBWkU/zgKjhQrI=
x-served-by: cache-ams21024-AMS
last-modified: Tue, 03 Oct 2023 09:18:11 GMT
server: AmazonS3-br
x-timer: S1696611596.388628,VS0,VE0
etag: "506fa4da9ad74d978d49cd3219439d0e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 42120

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_5/assets/css/ 60 KB
8 KB 59ms
59ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1696324708
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 28GN1JPXT211KM5G
age: 286793
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696324709
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: wnKgey5AUzzjfd0SNZTwhwlHeYR+XK7mNRRD5sdd2INZljhL0MLfosB8FO6AsFbAEWZZ7PFr0Hg=
x-served-by: cache-ams21034-AMS
last-modified: Tue, 03 Oct 2023 09:18:30 GMT
server: AmazonS3-br
x-timer: S1696611596.388575,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 59488

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A44 145 KB
50 KB 176ms
175ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

cafe /

Resource Hash

82cfea5292224c1599b1bc036aa818c14f709a048f520d78e8bdac39bd73293e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51233
x-xss-protection: 0
server: cafe
etag: 6806089579563959231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 pixel;r=1325466850;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html;uh=e51ed67dfb8d91d...
pixel.quantserve.com/ 35 B
210 B 101ms
68ms Image
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1325466850;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-199557767-1696611595746;pbc=b6f3ece3-98a5-4784-be9c-3fec885fa7b1;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696611596387;tzo=-120;ogl=;ses=2ffdc3e0-3dd6-4354-b5a2-17f327e6404d;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E3E2 36 KB
11 KB 148ms
104ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17953
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

POST
H2 204 adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
262 B 238ms
51ms Fetch 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 06 Oct 2023 16:59:56 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0
p3p: CP="NID DSP ALL COR"

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 59ms
59ms Fetch
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
305 B 149ms
149ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 83
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64057
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21034-AMS
pragma: no-cache
server: nginx
x-timer: S1696611596.435996,VS0,VE83
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ Frame 0E5B 419 KB
131 KB 78ms
78ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078612

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 10:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22996
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134450
x-xss-protection: 0
server: cafe
etag: 18225737291834661133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 10:36:40 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F2 0
47 B 129ms
129ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=735830734922&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F2 0
56 B 125ms
125ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=735830734922&version=m202309260101&ct=76&x=1&cor=7830363104976622000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F5F2 105 KB
41 KB 146ms
146ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaIc2sJAh1jCcF45lWmMuKMSBvYbIPmn9bal3FqzHo9UUyIeM6Jvro2rsB1GkCGNutO2KWmpy_veKaowkb801qHR-Sdj0Ld36UuP6-_CvJLy9MIOM&cry=1&dbm_d=AKAmf-DdE2uBJmLqHhj-q7cB15tAhXzs3UMjKfyCzKZ_-iF1och08sVMF7L8PnvjW9nDjr46RGFcn9myFbkw2QV10GVRUM5BBrAnKOvCyopYWmo-5-rlf1C25DoAivj-eungKEUTUubWtDh6PC_EZMVsdrd4IDUSt45sT7VkOkA3Z73bAV3LWGyoUj-xnDzXJ7bXS2S9jyhMghsdhmmrs82JbmTk0f08sTct7tOJYOjQxV-vgcBVI4NsKv77eEfckp6P_5lkAdWSNW2UCFrWhaOHntRimBjQETtbuexLrVralXRgA5MmilzKzD5TCHbdl_B5_4uOh6Bru5KGgLwMaBIg5VuA9IeYpHgbnKqatv9q3dezbi3lVuEj6xPl1YN-aeAD4FE2cX9zXEpaCDhvXL7ihYdldl7hhiqrIfGISIwwIDtMSm6AgcJZw0b5DNUQdmhLxvXwwmWOGDszZa1f7n0AL64TtiFMhHPKbobWaf9WiluZ4vaLCnrvcoLHScvLJbGOdegJPjHYw2rO0XjEyPooylxPgVq6ieH5fq7M1zZY0hrGvL_CDuAeVKM6pd8hn5q9VvFI14ZeQ60VzHysS79FwdqRMi_PQUJ2Mt9_jnUKgSzQfeoodz2hBop4HcxkO6fz08WEvvhW1kbY9wJ3MvqQTO0v2UCbyQEdz1nZ5midtrHt_BbmcpgAD2FOtP0a5UzPXJLju2ez92ceBp7nubMkStsedF7h2n4S-33Vp2ajU6YWRuhIuo6XEIDg1DM2naMMkduT08f5w9xLhw5luFr9ukM9MAxmicpeGadUA45FGogLixDHDFbNsWK_aLrgyIrSQUAx-jzeNICY9mprvi0dWjv5UoFykEr7cfFTqNKDLVqGmnmAdswGS27J8FYzwsDGNj6q6eAUkrgdtmKi7JiMND3KK2c-4Y17LC-YTDEiSeC-jF7ySHF7jPO6We_h8QrkeLiKGPpf_PGE4SbGYYjtk69jRpXY-TmK5WQDDqx8qEHoTxPANO-_1OCTAnFRXWzYoE11ngYgzLv6ZAl2aImGYKV5_FTuDBnC4N5z9t9TfIBwITb1-oar-ebuE73sRL8zHEv4y9e61BsV1VOxsNpFrxyNuarMZIp3CryaN03V8mBS_ul5zhErjh747JgQzXDmR4OD0R8r379PyGOxALwXzDOCB1Ewe4p3NtyD9qfStxs7pJza85Zu9BdzYCbDxsf-YRTxNwTijwRq_mDiYILmFhh9UP0nqC0OyRwhxpiXlfFF9rGMGVjqngXwLq1qFh7VBKw3GyBK_81DQ0WNe5BTv2lMhqjONgWc7tv8CX71KkuQvs8SERrpF9gzWK_jes7L1qVEi3kv-w2giGagUOs8n36FlAlBZoy6k7ddtodNpraSBHHrqtxKfMGwU-US71PwDrGT5Zi0pBbAD4t-ffqB2pSeXDuOBGsgkwBmKD4sRWo9mGMHK6YuoLzS5hYQr5wBB1UJq2gj5ZU_bC7Z9VCVp4XXYyRIPa-NcA5gpbYj1lEKiGrezIZ5c2oO73h0cSbciynLVcbHHuuRcq_CoPQXZEewwxqSnOof8DCxnPYGlLDHINwANtv9R7MS4DFeLJSTbc2Kw0Jfw8dZO-Q9F9iDFSwRynKiHyQZOtUooODk4WcLgrDT6EbwyDtHHO7OFnqgUwqnremTRktKIZeFoeRLalxKxDuMrGAZxUH9HokEbq5QqyDXWU4xArb7REXCJcj8sumSQszpt3si2LWs5v-HizexpU-PKvrsUbg_hJo3zukY802f5RYls9HB9-QwtvMAYgQLSYccxhYj1RBxSun5zIS3Fr2WMaIZu3c3bAU2yoAKJk9AP4XFmEQ7RC2O1mHpURU-_KvcPAVU9jCLnFdFdeEYK7m7Gx9rkOGWp8d_pxGCQ3sYwEt2F4hyYS7CA9vvrUWBGEAzrS1iMnUfddRxL-AJ6BLNsKQP1NdN1J1HZ_IVdsutHuchNSMGdcsUkWbEDnU4sRjECxmerk30t0rdNN3ov4Guq4e8sA0PUaeHJhWiwX9Wo_wsVHjXAaOUN-aaDd67BTI3NiizVwphFwzA6lvuufI_2JRDLKIZ5RJG7NAvobyQ3D91QCiUytB6voJ2NYzWuBkJ8wsV593bdHpKltWnkKqmb9dS8EP_cDGw0EQiQZf8IipEIYaSOdpq9Fem4G5zz2fGlbM-AFBHg3utCezH-cOKhKyGZVjY0To0rT5X8jekmgapsUyXO1fd3-H4uM668X4S_8cy6XYVhU1JQuDUkXI1d9BCeMB07XCkwYmyOelLk0iSe0Hk8NffHdiQ-C7iW1ICN-eNZsFuo2Zz8_4m9BxhKcL2NcH2XpyNYPCwAHoomN6IHyfPvl1OFe-HS6_hRA9Q90k0CWrvu1LF4cybcPihmj8aSfyglfq_Qzjz_6AC4T1NS1uPy8jL-9joPTWUbuaAlF8CfGJYj5PbD9OefdWfQC5CtsxpQr-YJDl8R0reXdN3Ir4vOiC31gXCaY42kbU0aMhAC6En7v34v4mAYjgevB7jFTnUnoRvsg30TbpD9tyTQq4kvyiUMk4YGNNA6lVR-eF54qz4FxVnzbZZ6z4OiV6rXCm4PQf5_bcAmZE9AfgVXQfvH3d_8nyVeHoypQksC6hF8mrMLNxRwFwZGUjNqxSPSdQYTA9GsF0qG7lje9WwqWIbmEawKlKNl5Gw7NKd0TfuoPnGgqPe-uo9plqZ3xgx132yOf9hoIzjw8LGSQb113vLtpvrOxMk0quinF08RiXCgoVzWXCSxzySaf-3sFnmpGOYjHOi1asgPwSc5WlViaBVQUQuzglVJtWqXiuCDAeXgupfFQNRHnmzXSrZavVVEH82mFgCWYo3v6IOSehw0LR4vMuT1LTMw_av4iMVHa9ob6fTNVREET0IkUDs0cvi7QOSD0SsVw16YZnqzySu3rqDrOrftvky9Jhx7W1whpDuczsFN1Y6EXUc3u1LwW-dV7EuuJmtqpCSgNd6fMW_Nvx1yE_lhNkMMhf8Z8WnEs_kMv-Mi8D2uTi0AHjVHQtzjehRlGWoKNR8qKDYzpj-INEG5jSZLF95Qn5EMtvF6zzMJNfo0uujTi3RAJuTZuhTRak-BaBQD7SeLw80JLSWTGGR4xfPfQp2BAQw8JVrTzlOsYYs2je5-Zn_73XOH8UMRh2LvUBS1zYBGE2XAHtZ53XWIxH-RKEYj9i6MDVhMmcyNT8Rgabcaxa9EJS4VlUnFVzhB7N0fjNfvczXeD-5oT7LFVl2T-KMGIx_bWYdcW5uIUtXjn5TKaK7l3miQw4YBuCLWT8ikdvE8gYMCn13mNiYGfInxVeh6-OuCUY7teWMaVDWacKHGR2FxZWXJ81nGV2lSijNUWJpIbNmL6UmAH0O97Y22g0e83aUNtkBY7gSuPioRBsOoN5lvjPuxH0_H2dhX1BkbmXhBT0EUL25zEc5Os6-TOV_-mm1akWUPrjvx8u0TMAdUaCdArHeRYw1Riua5U8KhFqNmvkwdZl8k9qNZn2yjBz3u6mFxnoMmGTkmktS4m6QNJdfQUMpvpKaWoyChrYco16XqNUPHitr64yj5RUrFCGIUDQnQtwUlcGLoVEssVSBx6QEnBs62raWqPGoTUCz39PaDhBi2qU85TEP4bz1H5vjgI0TuhHrxj_osnRei4aa9artWjt-TRwLfbje-3YrxcqU_xwag9dxQv9-nVHJ9p3xpVRuyY3DL1MiAuZJ_iuHdgYT2wgK4HC6Dou8cgfuE9KAZ3xS9TbgrXFFg5SjloiTJ5v4Ys3DM2MVBarJbFzZiew16ZvQOmxk8SzS9QHxT7Cm47FIzqkOBUL12FAwiQWJotJn-DVT14CUE5HpMLrP4GW_9q6ChRISG--ZT2pHiiC66zbF87cs2gjidbefHifvN_SEyWT4QvB7u6hJQOkV24BnX3EWwerXG7ZR5uDElX2Qcy32D-Qi4WYWe7y5-r8sDZoj2LVCUx8-7XXA10Z4Fy-_ES6bL5KckfELIA2XZvxE0TkEcdytlhwMZoHgRFbV3qXjaofxtVGkkKy32XEUKd1it9vASH8JY1pX87hwhcrQGWT6Wj0&cid=CAQSOwDICaaNKiBMMRo73fBHAouVvxvwBzIjG9leKElyOwLTZ3uHWeVgy8OFWIMf5bplLJiP3lUQMgn0NaGBGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=7830363104976622000&adk=1726166460&idt=648&cac=0&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

606107429a0f29c0bf703f2c1d5ebdea43e57acf897ce365da17998a285296bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 5ACC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEClZN6bcbnkNf-jZms-5Wzc&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEClZN6bcbnkNf-jZms-5Wzc&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=fdb00a3bdbe94126d64ca59cf10d8e3a&uid=fdb00a3bdbe94126d64ca59cf10d8...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

73ms
73ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNUc7-P9Cb6pDvvoRoSWNQvpfuQpk22su-vAQsKHO6cqRkcLlovStdWn9Ccq-O6hOPR-s6EryYALpBKEQchFBkP68cz0TlJTijofne0jmOvc8h9zRhA
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:57 GMT
Last-Modified: Fri, 06 Oct 2023 16:59:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame 5ACC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1&ang_testid=1

42 B
438 B

80ms
80ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNUc7-P9Cb6pDvvoRoSWNQvpfuQpk22su-vAQsKHO6cqRkcLlovStdWn9Ccq-O6hOPR-s6EryYALpBKEQchFBkP68cz0TlJTijofne0jmOvc8h9zRhA
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGsVGhEtMxcRb5Sv5XTSiEw&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2A03 36 KB
11 KB 107ms
107ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17953
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 526B 36 KB
11 KB 97ms
90ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17953
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H2 200 native.js Show response
a.teads.tv/media/flavors/ Frame AE4D 97 KB
24 KB 90ms
89ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/flavors/native.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 227c80750c4040fa88e6c40c40c4af5273b8595ea7de773d858e644fe38deed2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 09:45:46 GMT
x-amz-request-id: Y7012R6YDG45RR0W
etag: "b7b0745dc8a24c81be2d0d94352a3e48"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 9
accept-ranges: bytes
content-length: 24089
x-amz-id-2: bfLqgjjMPD6kiA5K4+8oH1KYgUZrs1teJ9T2NMQR4AlhQhmHYP09Grc1EgS4UoPPgdO16UPatzI=
expires: Fri, 06 Oct 2023 17:29:56 GMT

GET
H2 200 container.html Show response
ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 914A 6 KB
3 KB 55ms
55ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:55 GMT
expires: Sat, 05 Oct 2024 16:59:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 67ms
67ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
age: 2532101
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-ams21034-AMS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1696611597.601065,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: A6eSXa8mzm8pvy_g4qU43SWxHhg7-JxFo9dy2qx0Z0FOI9MVcvzpjQ==
x-cache-hits: 56916

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 465 KB
87 KB 76ms
72ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1696237416
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 6VF4AVBMZTPG5XTA
age: 374108
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696237429
x-amz-meta-mode: 33188
content-length: 89004
x-amz-id-2: JdjhVhwDw84ap5tX2uFrbbJx5vyf7CB65GGJtz3tNLwG0YoGmi7lzR49WULxwOlAaWFNsU7FYNk=
x-served-by: cache-ams21024-AMS
last-modified: Mon, 02 Oct 2023 09:03:50 GMT
server: AmazonS3-br
x-timer: S1696611597.615041,VS0,VE0
etag: "585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 74133

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 9010 439 B
533 B 70ms
69ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ccdfd0625a938954165aa92cbed3630dad8d8ce1998c7f8d826f9f1bb72287df

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 16:59:56 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 70ms
69ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=&cb=1696611596561&uv=3345&tms=1696611596561&su=&abt=adxLoadDist7-out_vC!nonrv_vA!t120!ufm_vG&ft=0&unm=FEED_MANAGER&mntl=1&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 69ms
69ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&cmcv=&pix=31579697&cb=1696611596588&uv=3345&tms=1696611596588&su=3&abt=adxLoadDist7-out_vC!nonrv_vA!t120!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-length: 0
server: nginx

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0254 0
56 B 78ms
78ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4650964623003&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0254 0
56 B 172ms
172ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4650964623003&version=m202309260101&ct=76&x=38&cor=8929144024503426000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0254 76 KB
34 KB 133ms
132ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoUXXn_pLHHkWbA2noA6VlCoGjcEGynEF-ZPr_f89kz8-NGC2D4WbF_0Ra95NdRlbRvQnhtZNScgZNSMCL6XvOCFpYkz9UDGG2RREULdKOb4wNW8Thu_a7bz2L5KlvFtbZ7y9n0in41XW0uMIO6HLmo5zij610GbLzEZ1S_74hfHriVQc&dbm_d=AKAmf-DGiwE8ka_o83iJHzDe1uoapCM4tpnMniCH3WEIQc3tBeWyTZe1iEbvrVb_1mwgVU5aQQHULm5b1cZjvTQp2nVpwArAATlNIH60-ex9gzeho4NPKdY_KEkdFCP3VSqrfBSq1GIRcCoyo0n2x9XZvl70f9QwY-l6w3tlPLW75F1TeQgl7IRVsN0TwAGyyOFDIUCI0HPbSthqK3p-vry6EYswwwnltKZA6SR45SWyxE3CcuWlCS7yl9kIk4cj3vXQiT2ZPhE_1N6ooNdlOefgZT28d9xwitz4WA7aibRqLcxuCXufLwVVCPe0RwlD7HGxrQnkqf9lxegJpIeEXoVYkKb_HWj8HJr36eiJBGl2ulyvKUVvnNfVUnqTNrXQ9o5rhU3NlkrcnXiy4ghUtIn6GTF4k8aeQYeSo4qOd6MDU3bNDTZ71JQs23tnz6lWfSDv5icgEkZDOmV28S80wx2dGGk177FnYaNdpwMJL03B2yH0LxbRi4nOm-ZCVqIPKxwyLV3rgjPWfEig1UoprjEuffuGGGLStHcQVbLflhxNwuyOX2wGEf0boGAjDEzd7pWIKFiQXxPkiH148dIbic3sVWLt_eRLjYpNWTKIM_nZogRoXmVz9fDPDgvXsj-PKRBEabw9kX0x7XyD9diIT6tnxbCfnXbct0aNaUYmT33Ukv_vYn7vw4DWjhzZNWi5hm9cKOs4hRpShMnLJzdtVk7mClY2AXSeSuzJoexuzZS1utf_nMQTQk4P705bLLnjxPuEH-_cTMFXhfTrba6R-Yv6eqgOY-PecS0EgwQJVFnomQdSYjplzP63dFpCHaPaArf2af33JbAdjaKFle861A1SyIk50POZLx5H8z7VwOWGp7pbAtAMhsWXKsp8nEW8qG0rJ7E7qGVRlza-Sl05R1RdoND93Bb-VICJgeGmI_gyNvIbopNZus9kQ7F18TaM2Dpov8w0TIyftYudDRsLKItM5Rcu5DNz9yR_4g5r26zzOhBCtzJKVnX9sYAZIB13gJD3o1EQDV2QkwZZpJdQOFHzsHZViltBPo181XAa1YyB_2lTTt6xY4EufM7ilupGmO7qxQE1X1JEwBdkAibTwVHcHAuisktFy3hGU7umSjCNUIlZVRh5VED6lUZgAoy2-d_QginqIDo1WDvIgSeN1vVgrTDDiXi7kdlhmfdubdhO6g_XFY7LbUKgBkjhpqCJt9zyzzfkUvRp1aDsZxl5Revqyf5fuuMc1vUJQ4udJcnnOBKO3j3axst7PgP0-ye5d6EqKsKHy3zzlx6tbEUxBMK-DMYWWjY4dM6UakeZKfJejmMj7Ykqw271rr1njn2jOzI6PWgs42gaunpWawOk-MQlVEcVqa3faccdszagvYDWYOV3lJhtKjIn4KmXcFA5Zb-Q8mNQ0yl44EwYbX-X_Swuu-IPD2pbkBVRbyCf7ElFBOynOqCUyrglS0glSQxv-WhevLqli_cG3CnvZUV-03MVt7sZklCxd1t1OvU-CUPUKW4Vz2HEHwspD8DsvusFxzPiQ5BNMF6jwVT4ieKfk_jnDrMoZeyUR9jAtVVLOZjxRb5RT-24PZv2PWqzesKTyLeljDyJMZJHipCVTNiKA13HF4eqxCOEyB15-F3KqosSDxEnGPEexTOt3QCWCDnj07YrKjUKn8IGN8N3vDVvqQbXB_LIpIqplBxNAui35sWcjj99LBF3NEW2AKe93RvQYZid1RGY4ZZjCIMQqMFjD1UToQ8hPsg7wFn4HFzrnpb3DiiC_29XIZzwoen_TL18UfNoCDiWYwCFVYnn8r9zD8l1kRJ9KOj0edrh0y5N-ObMiR6FMs7yRtVB7fmeBpvu8LUMK4BWmDDWSn8pUFOZvEhXBCBVWdzIGckEVHYsqYIZS0qaESDCCtbktBne9DIEr4F7Gzr1N3-QC_Eq4ozmgoBiV981bJ7jTEmPJsvWrVJb_QqIJK3zwsJKEJd3SYdbFwK1eDm0k76XvccGM_vmAgmw4Z1a4QmLflKMY1j-CfJigKxrgmnWvlb5p4Xkp_VvrLneQeC7D79kOpkI2dg_3nuocGCtcVNq6p1qdaSPogWGJyriUQwgIVF1wTX7kBPWhY1Pb7PuIk-OZzO4u8wG3rzteJL0ZeUwhKCvf429qbHkS0A0fWL--lfpUP9UPQna7cpwwc1y2qi036-yCKCQeXhdfFK0ccvava1Gg_zhMey9Bu3Xcu6q48iYkvHApWIL9jRuue9j4qqI6Qp1J7Y6HfGCRs9C_s8CZi60K1niP4rSGs4hbXsh0kwFqRhVcr6iySi6BCvShSK-i91tPgmLVys0_uZrFuGzgdSjFdRrPPdetir4HxTGaF2jzTw_IS4otEEWMvM78y-aOayiLsca2jkM0DaHJohSxFHjIokdyGPYUP39xip5Lzv9ubBKYrW1vjt_uIGKybC_J0gx-DpLjbvcsEslVe9R3kDRH9F48g-dIQXE2lpir5l_4I_nLrQvZDdu1F67Da2e1xRc1Sd9WRoVs2iNx4y_q9pdNzdBK4zG10bwPxUBx6A33jII8z2q5qRfrvkXWK0s3l_3i4NYQKQnp2wIkhY_y2TNbznlqI4TbMlWn-cLubLfzYY7Dm5GZxh0RJfU2GB413HXEipOYBPB3BpsBodPhmhIGzoEhTQg3gj5diwN1fTHuVNRlA8QDw4KCVaJch-Qp4htP3GKuKW1lPsVK-FwT_XFGZx2PWmR-hp6WGkJTngoASzmfW5ACYgYnbD9xlPHRy8ZlchXTimcc09BeYnBm2B_gm9ix1y7xEbWmVoNSsyy_wMw0G9vAz66fnKzeMVJ2rv7lFHAe17hWg2DC-Zu0gxGVEie2WCVHLppxmBUbzek1xYqjscsK5nOZrzRsoaz_n_XBnizCHT0G73mj4pAbcxwx-XStbqDUBg-WtvRUPV6CGsXBjtsZD7J6SxEjUCK8sekqnAcmezsU_s3SR1qltK-h8ECNy-Z5fkIfPIqiiEinBLU29npyV23e_eiN3oFnBL8RGAdKt3KmxSzDnxHi2mmueQx5tadQk1wji6X9ysyOnSbMFMZgqiZUG9KaJEwtALelvD4wRbnLegnwpH0hHg5EAtC9ne5UTS23z9SaLrTYHeBRSCnGE0Emp_4BdMyNl8fULgTqUhjFc0zupaX9crY4VV4Aqo0OMl8H7CFQ1zYN_vVbuFxsS83psL98KbKQSW-53QKbIKuZiXc6KGcGK6nJpSMMhTtjpJOHJhbQX-gdby_EO9BzaSGY2fCH8I0rWu6kRcZA4vNc73o20xkhyxNZvr_P6nRhsv9HY4V3B9PiQeXoaw9FcazR_k2BKMHQDtrI60eRt_QI2oBxwGXc_2VQYQ-jpOq2Jj0Bjc9dAq-r2F3sbSD3IM6utqNV8fv6M6v1U0Oad0oqvBYJZxeAf7ehIbND5kiPwNl_VdrXSgDFHdQy-Ey_Xca4B2Y8PVRqkaQaxjZomQoKWVlgQaOAKjCqdQ-S7FLU4b4EbHi4fy1OFxbjvaUSvBvLCCVv9pvvrmzaZRuLvVbjTT1hznedM-XY6aY8sfDVNiq_xSIxFsH9Z-xCSrvx1UhyskorcLe7dAu14cl_sQ175od6GSsYL1tc4d8KEWJEowc98mpjs4OfGauaf_kR2gnZbjYxQuMj4M1u4BGLvV59VyGlAzvzX99MsYin57dQds0r-DsQS9vYgVTS5DpeWDfszcKNYQcBBWvcLPrrOPQvnS44BOeWUFoqTaMilHNNoQ7V2jWxiEEtQusQ0_b8TG2Z6JZhAzYyOTwqBlBrnj0ytJ6mlRMqOm5FfHwJizdUNPLx5WgwM2ajPj2mMhua6EcrkKrKKb2FGLDaaSPXQZPDLvY4GPFwQ&cid=CAQSMgDICaaNilFrJwk5RsYVavaVj0Vk_wF1YUHsMVNmzQ-cM1ZKC0mqYm-F-wEeQuO0KIwjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ds=l&xdt=0&iif=1&cor=8929144024503426000&adk=3767877938&idt=203&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

201c523a817cebed53363adc7ec4194598a601b22217ade02351862ef30ed588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 76ms
75ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: AMS1-P1
age: 2646348
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-ams21034-AMS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1696611597.680273,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aMbbnOmg1VE3Pr2yFaiHpIZhHxo3sETSuv1N7hdOiyVEbEUpcsOAdA==
x-cache-hits: 375708

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 113ms
113ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f4556a5acaf48e9f12d1f3d5194b3aa792e368ba344eb1cff6e4583e2a10ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 16:59:56 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 625ms
257ms Fetch
application/json 3.233.156.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
776 B 73ms
73ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 06 Oct 2023 16:59:56 GMT
via: 1.1 varnish
x-amz-request-id: ZFRPC3PFTHSKWAJC
age: 20252
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by: cache-ams21034-AMS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696611597.680194,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1787

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E3E2 7 B
380 B 322ms
81ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BFB8 611 B
310 B 119ms
116ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWUfONk5r2Q6kj-PuBWPgj5DkQeFduLIo_rBg_MbS4jX8nj80t1bMR6389idQQxoexNO6b1-4X6GxS40Sk5PFfH0t0uuw

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 914A 89 KB
31 KB 190ms
187ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914A 42 B
107 B 117ms
115ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9-0aQl_CUfbjNMIwT2j-YWcw7fnC67u-SKWem-4SSKjXVUS-xGG2qYEs0GMGH3IodWExtS0On7LPZoUDTR3coan9zJvxqKkNzYuyIycqUDIOVDuQ

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914A 0
56 B 118ms
115ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3142597607363724971&x=1&ct=77

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 914A 3 KB
1 KB 88ms
86ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:59:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 914A 20 KB
8 KB 87ms
85ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 914A 0
0 116ms
114ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlpjSm3wFrKC-vh_H95L-VAmdm8HwNPDsCxJoPg1sKORMGPSz49PoJPWNNQpU-ovMUQm_ApZf3MhxwHgLtEBus3V2mTA
Requested by: Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 914A 187 KB
59 KB 107ms
105ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 526B 7 B
380 B 319ms
84ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 2A03 7 B
840 B 315ms
81ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F5F2 172 KB
61 KB 533ms
68ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Origin: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 07:14:36 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame F5F2 11 KB
4 KB 114ms
114ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaIc2sJAh1jCcF45lWmMuKMSBvYbIPmn9bal3FqzHo9UUyIeM6Jvro2rsB1GkCGNutO2KWmpy_veKaowkb801qHR-Sdj0Ld36UuP6-_CvJLy9MIOM&cry=1&dbm_d=AKAmf-DdE2uBJmLqHhj-q7cB15tAhXzs3UMjKfyCzKZ_-iF1och08sVMF7L8PnvjW9nDjr46RGFcn9myFbkw2QV10GVRUM5BBrAnKOvCyopYWmo-5-rlf1C25DoAivj-eungKEUTUubWtDh6PC_EZMVsdrd4IDUSt45sT7VkOkA3Z73bAV3LWGyoUj-xnDzXJ7bXS2S9jyhMghsdhmmrs82JbmTk0f08sTct7tOJYOjQxV-vgcBVI4NsKv77eEfckp6P_5lkAdWSNW2UCFrWhaOHntRimBjQETtbuexLrVralXRgA5MmilzKzD5TCHbdl_B5_4uOh6Bru5KGgLwMaBIg5VuA9IeYpHgbnKqatv9q3dezbi3lVuEj6xPl1YN-aeAD4FE2cX9zXEpaCDhvXL7ihYdldl7hhiqrIfGISIwwIDtMSm6AgcJZw0b5DNUQdmhLxvXwwmWOGDszZa1f7n0AL64TtiFMhHPKbobWaf9WiluZ4vaLCnrvcoLHScvLJbGOdegJPjHYw2rO0XjEyPooylxPgVq6ieH5fq7M1zZY0hrGvL_CDuAeVKM6pd8hn5q9VvFI14ZeQ60VzHysS79FwdqRMi_PQUJ2Mt9_jnUKgSzQfeoodz2hBop4HcxkO6fz08WEvvhW1kbY9wJ3MvqQTO0v2UCbyQEdz1nZ5midtrHt_BbmcpgAD2FOtP0a5UzPXJLju2ez92ceBp7nubMkStsedF7h2n4S-33Vp2ajU6YWRuhIuo6XEIDg1DM2naMMkduT08f5w9xLhw5luFr9ukM9MAxmicpeGadUA45FGogLixDHDFbNsWK_aLrgyIrSQUAx-jzeNICY9mprvi0dWjv5UoFykEr7cfFTqNKDLVqGmnmAdswGS27J8FYzwsDGNj6q6eAUkrgdtmKi7JiMND3KK2c-4Y17LC-YTDEiSeC-jF7ySHF7jPO6We_h8QrkeLiKGPpf_PGE4SbGYYjtk69jRpXY-TmK5WQDDqx8qEHoTxPANO-_1OCTAnFRXWzYoE11ngYgzLv6ZAl2aImGYKV5_FTuDBnC4N5z9t9TfIBwITb1-oar-ebuE73sRL8zHEv4y9e61BsV1VOxsNpFrxyNuarMZIp3CryaN03V8mBS_ul5zhErjh747JgQzXDmR4OD0R8r379PyGOxALwXzDOCB1Ewe4p3NtyD9qfStxs7pJza85Zu9BdzYCbDxsf-YRTxNwTijwRq_mDiYILmFhh9UP0nqC0OyRwhxpiXlfFF9rGMGVjqngXwLq1qFh7VBKw3GyBK_81DQ0WNe5BTv2lMhqjONgWc7tv8CX71KkuQvs8SERrpF9gzWK_jes7L1qVEi3kv-w2giGagUOs8n36FlAlBZoy6k7ddtodNpraSBHHrqtxKfMGwU-US71PwDrGT5Zi0pBbAD4t-ffqB2pSeXDuOBGsgkwBmKD4sRWo9mGMHK6YuoLzS5hYQr5wBB1UJq2gj5ZU_bC7Z9VCVp4XXYyRIPa-NcA5gpbYj1lEKiGrezIZ5c2oO73h0cSbciynLVcbHHuuRcq_CoPQXZEewwxqSnOof8DCxnPYGlLDHINwANtv9R7MS4DFeLJSTbc2Kw0Jfw8dZO-Q9F9iDFSwRynKiHyQZOtUooODk4WcLgrDT6EbwyDtHHO7OFnqgUwqnremTRktKIZeFoeRLalxKxDuMrGAZxUH9HokEbq5QqyDXWU4xArb7REXCJcj8sumSQszpt3si2LWs5v-HizexpU-PKvrsUbg_hJo3zukY802f5RYls9HB9-QwtvMAYgQLSYccxhYj1RBxSun5zIS3Fr2WMaIZu3c3bAU2yoAKJk9AP4XFmEQ7RC2O1mHpURU-_KvcPAVU9jCLnFdFdeEYK7m7Gx9rkOGWp8d_pxGCQ3sYwEt2F4hyYS7CA9vvrUWBGEAzrS1iMnUfddRxL-AJ6BLNsKQP1NdN1J1HZ_IVdsutHuchNSMGdcsUkWbEDnU4sRjECxmerk30t0rdNN3ov4Guq4e8sA0PUaeHJhWiwX9Wo_wsVHjXAaOUN-aaDd67BTI3NiizVwphFwzA6lvuufI_2JRDLKIZ5RJG7NAvobyQ3D91QCiUytB6voJ2NYzWuBkJ8wsV593bdHpKltWnkKqmb9dS8EP_cDGw0EQiQZf8IipEIYaSOdpq9Fem4G5zz2fGlbM-AFBHg3utCezH-cOKhKyGZVjY0To0rT5X8jekmgapsUyXO1fd3-H4uM668X4S_8cy6XYVhU1JQuDUkXI1d9BCeMB07XCkwYmyOelLk0iSe0Hk8NffHdiQ-C7iW1ICN-eNZsFuo2Zz8_4m9BxhKcL2NcH2XpyNYPCwAHoomN6IHyfPvl1OFe-HS6_hRA9Q90k0CWrvu1LF4cybcPihmj8aSfyglfq_Qzjz_6AC4T1NS1uPy8jL-9joPTWUbuaAlF8CfGJYj5PbD9OefdWfQC5CtsxpQr-YJDl8R0reXdN3Ir4vOiC31gXCaY42kbU0aMhAC6En7v34v4mAYjgevB7jFTnUnoRvsg30TbpD9tyTQq4kvyiUMk4YGNNA6lVR-eF54qz4FxVnzbZZ6z4OiV6rXCm4PQf5_bcAmZE9AfgVXQfvH3d_8nyVeHoypQksC6hF8mrMLNxRwFwZGUjNqxSPSdQYTA9GsF0qG7lje9WwqWIbmEawKlKNl5Gw7NKd0TfuoPnGgqPe-uo9plqZ3xgx132yOf9hoIzjw8LGSQb113vLtpvrOxMk0quinF08RiXCgoVzWXCSxzySaf-3sFnmpGOYjHOi1asgPwSc5WlViaBVQUQuzglVJtWqXiuCDAeXgupfFQNRHnmzXSrZavVVEH82mFgCWYo3v6IOSehw0LR4vMuT1LTMw_av4iMVHa9ob6fTNVREET0IkUDs0cvi7QOSD0SsVw16YZnqzySu3rqDrOrftvky9Jhx7W1whpDuczsFN1Y6EXUc3u1LwW-dV7EuuJmtqpCSgNd6fMW_Nvx1yE_lhNkMMhf8Z8WnEs_kMv-Mi8D2uTi0AHjVHQtzjehRlGWoKNR8qKDYzpj-INEG5jSZLF95Qn5EMtvF6zzMJNfo0uujTi3RAJuTZuhTRak-BaBQD7SeLw80JLSWTGGR4xfPfQp2BAQw8JVrTzlOsYYs2je5-Zn_73XOH8UMRh2LvUBS1zYBGE2XAHtZ53XWIxH-RKEYj9i6MDVhMmcyNT8Rgabcaxa9EJS4VlUnFVzhB7N0fjNfvczXeD-5oT7LFVl2T-KMGIx_bWYdcW5uIUtXjn5TKaK7l3miQw4YBuCLWT8ikdvE8gYMCn13mNiYGfInxVeh6-OuCUY7teWMaVDWacKHGR2FxZWXJ81nGV2lSijNUWJpIbNmL6UmAH0O97Y22g0e83aUNtkBY7gSuPioRBsOoN5lvjPuxH0_H2dhX1BkbmXhBT0EUL25zEc5Os6-TOV_-mm1akWUPrjvx8u0TMAdUaCdArHeRYw1Riua5U8KhFqNmvkwdZl8k9qNZn2yjBz3u6mFxnoMmGTkmktS4m6QNJdfQUMpvpKaWoyChrYco16XqNUPHitr64yj5RUrFCGIUDQnQtwUlcGLoVEssVSBx6QEnBs62raWqPGoTUCz39PaDhBi2qU85TEP4bz1H5vjgI0TuhHrxj_osnRei4aa9artWjt-TRwLfbje-3YrxcqU_xwag9dxQv9-nVHJ9p3xpVRuyY3DL1MiAuZJ_iuHdgYT2wgK4HC6Dou8cgfuE9KAZ3xS9TbgrXFFg5SjloiTJ5v4Ys3DM2MVBarJbFzZiew16ZvQOmxk8SzS9QHxT7Cm47FIzqkOBUL12FAwiQWJotJn-DVT14CUE5HpMLrP4GW_9q6ChRISG--ZT2pHiiC66zbF87cs2gjidbefHifvN_SEyWT4QvB7u6hJQOkV24BnX3EWwerXG7ZR5uDElX2Qcy32D-Qi4WYWe7y5-r8sDZoj2LVCUx8-7XXA10Z4Fy-_ES6bL5KckfELIA2XZvxE0TkEcdytlhwMZoHgRFbV3qXjaofxtVGkkKy32XEUKd1it9vASH8JY1pX87hwhcrQGWT6Wj0&cid=CAQSOwDICaaNKiBMMRo73fBHAouVvxvwBzIjG9leKElyOwLTZ3uHWeVgy8OFWIMf5bplLJiP3lUQMgn0NaGBGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=7830363104976622000&adk=1726166460&idt=648&cac=0&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:43:51 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame F5F2 30 KB
11 KB 92ms
92ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:57:20 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F5F2 41 KB
14 KB 85ms
84ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE34 1 KB
758 B 90ms
90ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 32671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Sat, 07 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9010 70 B
148 B 72ms
72ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9010
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/8b40f09d-c848-45ff-98cf-2ebf6d130291-tuctc19c28a?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A

0
98 B

103ms
102ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25036

Redirect headers

date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VdIzz0NE2oRG3_rQThI.s8KfNkBn9Kbg.DdecQ--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 9010 0
15 B 54ms
53ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ Frame 5A44 391 KB
133 KB 138ms
138ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93d56980eb2c0c690448b09dc8408bfad475513782b30d2080e5cef76ee61502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135721
x-xss-protection: 0
server: cafe
etag: 16422283701263775155
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame A33A 10 KB
4 KB 43ms
42ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 9087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 89ms
87ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 06 Oct 2023 17:59:56 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 54ms
52ms Stylesheet
text/css 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.594.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3DE6 724 KB
232 KB 48ms
44ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 158262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237562
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 21:02:14 GMT
expires: Thu, 03 Oct 2024 21:02:14 GMT
last-modified: Wed, 04 Oct 2023 14:44:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 921ms
391ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2032 40 KB
14 KB 59ms
58ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:16:40 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 88ms
88ms Image
text/xml 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=%2BibaGgBTgNlvESyy%2F2dv5nf1qhisg0HySCEbHKSDS0CMCT7bdub6bJzPLWASbIeYGVDNK8xT%2FEhJB4kbXYWL61OR4YtvWVA18K5YBW%2B4r1EQyG52Vb7jyHsikNeWlra88EBppP4Q4dQFxj%2FZO1bhAlPT%2B0un6tWxa%2FVEXdh4hQgU6DVrNFOAMjFUydancAz6uC%2FkdjAkMHzKM%2B4JWw1cJp3HrJHDS0Njav9lWUZtCHpba0ao5KrvHSldUb5F4tw5oYfdBcs2FMSMfi5%2FaOYUiJ3aK0tOTJmU3YmDbU8ajvQW6W00OrvUQCCcjSLbwz1eJFg%2BkYl1LZH90WTTCNrNZrIG4OCGIQAwUNy4ISZg%2FMipIL9vmRp3qjbrWAF7Q8lWGqm2MPHQQcrxJCpEwDgm%2BccdhLedTZHbeKy0mWxu%2BdbU68hSlgdYeThf1MlQu91HE4TMgIb%2BIV1uCy9K0UwJeaZtrIrkAdbn6h79gHneyHt2a60MEpTDo9idsCgHEeATme3prfA%2BK%2Bm7GRJhiEcEERNPEUxs8nYcvDbjpKeRSSYOOCpnwrsxf6KopCmXGont
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 nurl Show response
a.teads.tv/be-ms/ Frame AE4D 9 KB
9 KB 94ms
93ms Fetch
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/be-ms/nurl?payload=GISpCiDTz0QovcNAMkoJA-gQZ6nwLD8hmpmZmZmZ6T8ouPyA3gcyGyoZChUI2NsJEgNVU0QaCmltcHJlc3Npb24YATjv2R5YBWDv2R5w9_kaeKuwJpgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFXCAUQ9AUYxU8gqVYqBDEwMDgw____________AToEd2lmaUIQc3VucmlzZSB1cGMgZ21iaEoBP1INZXVyb3BlL3p1cmljaFoGcHJpbGx5YgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBA7gBzzfCAQZwcmViaWTgAQH6ATMSLwoWCIyPsZKixY3p1wEQ_6zx0aSlgOOvARIVCOublYm0moSaChDah5_UoP3W9KgBGACAAtvpua-wMYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIaChYI9pXVz8mCytOJARDW9ard5pffpbwBIADYAgDgAgDxAgAAAAAAAPA_-AIBgAMAogN6aHR0cHM6Ly93d3cuYmczLmNvL2Evd2FuZy15b3UteWFvLXBhbi1oZW5nLXh1LXhpYS10YWktbnUtcGFuLWZlbi1xaS16aGEtcWlhbmctc2hlbi1qaW5nLWJpbmctZ29uZy1yYW4td3UtcnUtYmVpLXFpLXN1Lmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAOoDJwoHCAAQARj_ARIECAIQARoECAQQACIECAMQACoECAUQADIECAEQAPIDDjE3OC4zOS4xODguMjQz-AMCgAQA&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=UAFy2KYfFacZe0fzWJ0Lz0bJVPEOCVDDqIcNp2zUTiAPLw&psid=415253&checksum=1904016150
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a7f944230f9e86b45daade47557f816853a9d9e418fcac52ad478239ff4a7094

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length: 9132
expires: Fri, 06 Oct 2023 16:59:56 GMT

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 281ms
98ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&pfid=68&env=js-web&ut=1&cid=1124307&gid=1057213&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=UpqGOxZKcFU7CvSU0kgDNTrQ&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1057213&dsp_creative_id=1124307&fms=9&p=ox2P2wUnJQNCPuLaw9j4shyB-op-zpFCeyZ5JpMfCTCu1o7VEDCrRWylvpxjCkweFd4&cts=1696611595534&cs=-919912035723111044905&1696611595534=&slot=native&fv=1264&ts=1696611596827&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 255ms
72ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adReceived&env=js-web&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pageId=154680&pid=169092&hb_provider=prebid&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&pfid=68&f=1&slot=native&fv=1264&ts=1696611596828&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0E5B 498 B
346 B 124ms
124ms Fetch
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3476776858963174&correlator=1316006254240633&eid=31078612%2C21065725&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696611596842&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7j12hyiy3snc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMvC0c4NcytTVd34fhR_87Xwj6Kgyms6iOkNtzMQk1MObMNeD2htqNYb-v_k8Kun2BCk9CJ6Xq7Js6h-O3pwwz8P7qOR4Y23ylow3NmG6JtBPjGTAgiPkwGl8FKAlXt5l7aLXPdbXzqf0ATCIA44T-XkXwtcRl8vSqfg-0hFhVDO8sqpHa2xYeUX5FCw_X7OsEoV5q9HGa3MMil&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1037428582.1696611597&ga_sid=1696611597&ga_hid=2015839510&ga_fc=false&dlt=1696611596207&idt=444&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea4499ff6c5373ec4e819be199466893e690f75f527636b971c03d56ffb8b0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E5B 16 KB
12 KB 946ms
161ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a19bddd97528ff90ca8ab343772efa4a030cbb5527271831930e350d3bb4811b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11989
x-xss-protection: 0

GET
H2 200 container.html Show response
d2f12328c77d60882367512d866e8a29.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2423 6 KB
3 KB 82ms
55ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2f12328c77d60882367512d866e8a29.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:56 GMT
expires: Sat, 05 Oct 2024 16:59:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame BFB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJD7Qupb7f3qiUJMoUrYdiY&google_cver=1

43 B
844 B

116ms
116ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJD7Qupb7f3qiUJMoUrYdiY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWUfONk5r2Q6kj-PuBWPgj5DkQeFduLIo_rBg_MbS4jX8nj80t1bMR6389idQQxoexNO6b1-4X6GxS40Sk5PFfH0t0uuw

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
an-x-request-uuid: 4face6eb-fd54-42a4-8f30-6232bceba903
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJD7Qupb7f3qiUJMoUrYdiY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFB8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1NjAxNjU5MDQwMjU1MTQyMQ%3D%3D

170 B
188 B

163ms
162ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1NjAxNjU5MDQwMjU1MTQyMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:56 GMT
an-x-request-uuid: afde5423-c2d7-4755-baee-47079ea755b7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA1NjAxNjU5MDQwMjU1MTQyMQ%3D%3D
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BFB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1

43 B
180 B

110ms
109ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWUfONk5r2Q6kj-PuBWPgj5DkQeFduLIo_rBg_MbS4jX8nj80t1bMR6389idQQxoexNO6b1-4X6GxS40Sk5PFfH0t0uuw
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1
date: Fri, 06 Oct 2023 16:59:57 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFB8
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg1MTE2MDgtY2UxOC0yNGU1LWYwYzctNzllY2I1MGI0YjNi

170 B
188 B

459ms
459ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg1MTE2MDgtY2UxOC0yNGU1LWYwYzctNzllY2I1MGI0YjNi

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg1MTE2MDgtY2UxOC0yNGU1LWYwYzctNzllY2I1MGI0YjNi
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 168 KB
0 221ms
56ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 06 Oct 2023 16:59:57 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 182ms
78ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=1057213&sid=174681&brid=7119&cid=1124307&rpm_reason=3&ut=1&p=pQGMshTNLNWWG3sIF_-U3llDW6FgE3v7chYTXdC605_Asidttng16jvl9fZHAF382hcKqzbGurextmo8zkH5ldi_&cts=1696611595535&cs=229481660312224860205&slot=native&fv=1264&ts=1696611596907&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 0254 30 KB
11 KB 48ms
48ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoUXXn_pLHHkWbA2noA6VlCoGjcEGynEF-ZPr_f89kz8-NGC2D4WbF_0Ra95NdRlbRvQnhtZNScgZNSMCL6XvOCFpYkz9UDGG2RREULdKOb4wNW8Thu_a7bz2L5KlvFtbZ7y9n0in41XW0uMIO6HLmo5zij610GbLzEZ1S_74hfHriVQc&dbm_d=AKAmf-DGiwE8ka_o83iJHzDe1uoapCM4tpnMniCH3WEIQc3tBeWyTZe1iEbvrVb_1mwgVU5aQQHULm5b1cZjvTQp2nVpwArAATlNIH60-ex9gzeho4NPKdY_KEkdFCP3VSqrfBSq1GIRcCoyo0n2x9XZvl70f9QwY-l6w3tlPLW75F1TeQgl7IRVsN0TwAGyyOFDIUCI0HPbSthqK3p-vry6EYswwwnltKZA6SR45SWyxE3CcuWlCS7yl9kIk4cj3vXQiT2ZPhE_1N6ooNdlOefgZT28d9xwitz4WA7aibRqLcxuCXufLwVVCPe0RwlD7HGxrQnkqf9lxegJpIeEXoVYkKb_HWj8HJr36eiJBGl2ulyvKUVvnNfVUnqTNrXQ9o5rhU3NlkrcnXiy4ghUtIn6GTF4k8aeQYeSo4qOd6MDU3bNDTZ71JQs23tnz6lWfSDv5icgEkZDOmV28S80wx2dGGk177FnYaNdpwMJL03B2yH0LxbRi4nOm-ZCVqIPKxwyLV3rgjPWfEig1UoprjEuffuGGGLStHcQVbLflhxNwuyOX2wGEf0boGAjDEzd7pWIKFiQXxPkiH148dIbic3sVWLt_eRLjYpNWTKIM_nZogRoXmVz9fDPDgvXsj-PKRBEabw9kX0x7XyD9diIT6tnxbCfnXbct0aNaUYmT33Ukv_vYn7vw4DWjhzZNWi5hm9cKOs4hRpShMnLJzdtVk7mClY2AXSeSuzJoexuzZS1utf_nMQTQk4P705bLLnjxPuEH-_cTMFXhfTrba6R-Yv6eqgOY-PecS0EgwQJVFnomQdSYjplzP63dFpCHaPaArf2af33JbAdjaKFle861A1SyIk50POZLx5H8z7VwOWGp7pbAtAMhsWXKsp8nEW8qG0rJ7E7qGVRlza-Sl05R1RdoND93Bb-VICJgeGmI_gyNvIbopNZus9kQ7F18TaM2Dpov8w0TIyftYudDRsLKItM5Rcu5DNz9yR_4g5r26zzOhBCtzJKVnX9sYAZIB13gJD3o1EQDV2QkwZZpJdQOFHzsHZViltBPo181XAa1YyB_2lTTt6xY4EufM7ilupGmO7qxQE1X1JEwBdkAibTwVHcHAuisktFy3hGU7umSjCNUIlZVRh5VED6lUZgAoy2-d_QginqIDo1WDvIgSeN1vVgrTDDiXi7kdlhmfdubdhO6g_XFY7LbUKgBkjhpqCJt9zyzzfkUvRp1aDsZxl5Revqyf5fuuMc1vUJQ4udJcnnOBKO3j3axst7PgP0-ye5d6EqKsKHy3zzlx6tbEUxBMK-DMYWWjY4dM6UakeZKfJejmMj7Ykqw271rr1njn2jOzI6PWgs42gaunpWawOk-MQlVEcVqa3faccdszagvYDWYOV3lJhtKjIn4KmXcFA5Zb-Q8mNQ0yl44EwYbX-X_Swuu-IPD2pbkBVRbyCf7ElFBOynOqCUyrglS0glSQxv-WhevLqli_cG3CnvZUV-03MVt7sZklCxd1t1OvU-CUPUKW4Vz2HEHwspD8DsvusFxzPiQ5BNMF6jwVT4ieKfk_jnDrMoZeyUR9jAtVVLOZjxRb5RT-24PZv2PWqzesKTyLeljDyJMZJHipCVTNiKA13HF4eqxCOEyB15-F3KqosSDxEnGPEexTOt3QCWCDnj07YrKjUKn8IGN8N3vDVvqQbXB_LIpIqplBxNAui35sWcjj99LBF3NEW2AKe93RvQYZid1RGY4ZZjCIMQqMFjD1UToQ8hPsg7wFn4HFzrnpb3DiiC_29XIZzwoen_TL18UfNoCDiWYwCFVYnn8r9zD8l1kRJ9KOj0edrh0y5N-ObMiR6FMs7yRtVB7fmeBpvu8LUMK4BWmDDWSn8pUFOZvEhXBCBVWdzIGckEVHYsqYIZS0qaESDCCtbktBne9DIEr4F7Gzr1N3-QC_Eq4ozmgoBiV981bJ7jTEmPJsvWrVJb_QqIJK3zwsJKEJd3SYdbFwK1eDm0k76XvccGM_vmAgmw4Z1a4QmLflKMY1j-CfJigKxrgmnWvlb5p4Xkp_VvrLneQeC7D79kOpkI2dg_3nuocGCtcVNq6p1qdaSPogWGJyriUQwgIVF1wTX7kBPWhY1Pb7PuIk-OZzO4u8wG3rzteJL0ZeUwhKCvf429qbHkS0A0fWL--lfpUP9UPQna7cpwwc1y2qi036-yCKCQeXhdfFK0ccvava1Gg_zhMey9Bu3Xcu6q48iYkvHApWIL9jRuue9j4qqI6Qp1J7Y6HfGCRs9C_s8CZi60K1niP4rSGs4hbXsh0kwFqRhVcr6iySi6BCvShSK-i91tPgmLVys0_uZrFuGzgdSjFdRrPPdetir4HxTGaF2jzTw_IS4otEEWMvM78y-aOayiLsca2jkM0DaHJohSxFHjIokdyGPYUP39xip5Lzv9ubBKYrW1vjt_uIGKybC_J0gx-DpLjbvcsEslVe9R3kDRH9F48g-dIQXE2lpir5l_4I_nLrQvZDdu1F67Da2e1xRc1Sd9WRoVs2iNx4y_q9pdNzdBK4zG10bwPxUBx6A33jII8z2q5qRfrvkXWK0s3l_3i4NYQKQnp2wIkhY_y2TNbznlqI4TbMlWn-cLubLfzYY7Dm5GZxh0RJfU2GB413HXEipOYBPB3BpsBodPhmhIGzoEhTQg3gj5diwN1fTHuVNRlA8QDw4KCVaJch-Qp4htP3GKuKW1lPsVK-FwT_XFGZx2PWmR-hp6WGkJTngoASzmfW5ACYgYnbD9xlPHRy8ZlchXTimcc09BeYnBm2B_gm9ix1y7xEbWmVoNSsyy_wMw0G9vAz66fnKzeMVJ2rv7lFHAe17hWg2DC-Zu0gxGVEie2WCVHLppxmBUbzek1xYqjscsK5nOZrzRsoaz_n_XBnizCHT0G73mj4pAbcxwx-XStbqDUBg-WtvRUPV6CGsXBjtsZD7J6SxEjUCK8sekqnAcmezsU_s3SR1qltK-h8ECNy-Z5fkIfPIqiiEinBLU29npyV23e_eiN3oFnBL8RGAdKt3KmxSzDnxHi2mmueQx5tadQk1wji6X9ysyOnSbMFMZgqiZUG9KaJEwtALelvD4wRbnLegnwpH0hHg5EAtC9ne5UTS23z9SaLrTYHeBRSCnGE0Emp_4BdMyNl8fULgTqUhjFc0zupaX9crY4VV4Aqo0OMl8H7CFQ1zYN_vVbuFxsS83psL98KbKQSW-53QKbIKuZiXc6KGcGK6nJpSMMhTtjpJOHJhbQX-gdby_EO9BzaSGY2fCH8I0rWu6kRcZA4vNc73o20xkhyxNZvr_P6nRhsv9HY4V3B9PiQeXoaw9FcazR_k2BKMHQDtrI60eRt_QI2oBxwGXc_2VQYQ-jpOq2Jj0Bjc9dAq-r2F3sbSD3IM6utqNV8fv6M6v1U0Oad0oqvBYJZxeAf7ehIbND5kiPwNl_VdrXSgDFHdQy-Ey_Xca4B2Y8PVRqkaQaxjZomQoKWVlgQaOAKjCqdQ-S7FLU4b4EbHi4fy1OFxbjvaUSvBvLCCVv9pvvrmzaZRuLvVbjTT1hznedM-XY6aY8sfDVNiq_xSIxFsH9Z-xCSrvx1UhyskorcLe7dAu14cl_sQ175od6GSsYL1tc4d8KEWJEowc98mpjs4OfGauaf_kR2gnZbjYxQuMj4M1u4BGLvV59VyGlAzvzX99MsYin57dQds0r-DsQS9vYgVTS5DpeWDfszcKNYQcBBWvcLPrrOPQvnS44BOeWUFoqTaMilHNNoQ7V2jWxiEEtQusQ0_b8TG2Z6JZhAzYyOTwqBlBrnj0ytJ6mlRMqOm5FfHwJizdUNPLx5WgwM2ajPj2mMhua6EcrkKrKKb2FGLDaaSPXQZPDLvY4GPFwQ&cid=CAQSMgDICaaNilFrJwk5RsYVavaVj0Vk_wF1YUHsMVNmzQ-cM1ZKC0mqYm-F-wEeQuO0KIwjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ds=l&xdt=0&iif=1&cor=8929144024503426000&adk=3767877938&idt=203&cac=0&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:57:20 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 0254 11 KB
4 KB 51ms
51ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:43:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0254 0
0 97ms
82ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6Fxme2aSlOMHTRTkl8lxfxiRySjqzj9N6-xjPudFHsPWISCfobIeMyaF3pK_70DEeLPiaC_0MLG3oz0LV0qQSGbAhKtj2_f8sHyfszojRIB7AX-f6OEhoJbe6Y34f-VO2sfikiqE9aV5iyX9gnpmdM7Wr8lWFdCcRk0UqxMWXf9YkYD8AqXd4h7PXrSoH-h9M7Adc7NrlNJE&sai=AMfl-YRpaCTVBQMUyAHCZR48FG7DtF-5861FoUc3jq1A7HwWaux4bXa6c9fNw7-z58Wx9jtiM-6uzhwJUF2Gj_h-wl8rHeWBusSfcSoRR9YhFQCok1mxdFt9tqi1DOpiyf4oj0jye84VZEDAP8hPv4OFnqM-DB_4vHo0-Q&sig=Cg0ArKJSzNUdDoSu-uwxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.18744&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0254 41 KB
13 KB 49ms
49ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 13884358540961613476
s0.2mdn.net/simgad/ Frame 0254 74 KB
74 KB 540ms
162ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13884358540961613476

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756a4fde06ade3e092cb1d99fc9025cec53541746893665429182dab4906df0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:40:50 GMT
x-content-type-options: nosniff
age: 353947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75643
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:47:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:40:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0254 187 KB
59 KB 67ms
66ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:56 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914A 0
58 B 147ms
147ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7809521414272&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914A 0
58 B 174ms
174ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7809521414272&version=m202309260101&ct=77&x=1&cor=3142597607363725000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 914A 16 KB
12 KB 135ms
134ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DetAXWsORB5jBCcFvy8hS7stLgM3-9gOuoV0rdnegAGOOqFU1ndGdEbr210x3ZKgZFuKofs4U_OUf5oG5SvmvbVYUGnJUjs27Yf5-dE_dRKSLb8K5w4NbG6f-wnGjA6Ayzlv6AdCk9LtcvyO87gx_rP2mKcZGyZn7ZnQ4MCN8UnA43tDo&cry=1&dbm_d=AKAmf-D5uj-eoYzLbpBCNH4_fwp-OFiTPVFVnWaw3at1t-55fB85TorlCDRE7G2jbON1qdHgbod4aD-rOy58EKVQoK3cHqMaE4L0wUAngD8C6IdkTfIkzBQj3-D72amvV2n9oATX2nkmom1fIfWnPYcHX2fnEel73Yao_Z1zFG3PZb587sp-CgtKx0jrnWSlk-h9hM2zwX6aNh1KppiqDERd46qONC1y6kr0Ggee5w49e9-DW6LLNmdXm0iEkwLcqA7NnNTDDImE_BxoR-K7S4qK-CfccZNa-z_dXvS6i16BuQFqqoVMzlVoGRQhNEJztGjTPWRLuA9IUCoCyGJyNBc0gR5vRlHTPTQP3NhZPAHWdccmYTjiLjm8beXRskBNTQHlDF4oZsplD3NtQgmh_VeRXXE2TCIYdUgGHj-tVI67_wop6N3dpqOCgRgnK-hrPUPogPn4V2bHsjuyN_u-tk-qX6e0TVeXVwxJTpf3ydVAMb9Ilt0NpCw7Z3cVhdJwKawyNlDWq-YX4veAnxLIQvbrq0SyIR99ZzsQWjbQitHgsL6ICC7raO2Rnicd7JzYM26jiv-vAFKLcLX3M25UU3awvvADR2cnNGtvoN0X73M06jN95JYzVMn5ShEY1gwVsRoLKutCtPBTqvPstW_y8GQ0gblgiyRKmHv_jCWfvbRS5gIYsUzJUa6qkbBX4LL5hOql27I83XMqDCRWyIuYI5QuKvdEXGXuvLPGl_j434CH0N0L7c8rvES9Yo9Nzmtc-OZfhAxrMFTZq7nsKNVhV1cxdNedBC12K5Bu9ThJNG6afuIwajzqqdX6Y6GKhNCPxUAny-P1zYbHjMPjG2uBFVD47bvgnV47L_cW8wMElKmLL8-qWVHrU_DkSjUUUXas7nn_7HmDpVYyhyj5p6VZVr13QX69_wjlpCT8Fxss8URQAg9DTF2XN-L8F6z7WnWfianuz7kPtZlPmhjr7xlUA04w-APAJQ2uAav88nrRVdWKXWB9eifXzJSQlKAX4L0_45EVAsZLI5U1MLqzuVFl1rLld8XQ_8Tp0iv9S0uxQ7V_4UI9OGn1tk3hmL8j-8JXh1Dbjj2Fdklc02mmWt6co8DVsEe6_IzzZjp9GKKQxOWXaHrBwFrzMOUkFZU-FqC4kXDzNoHrkfH9xm9tBTGwnG6hl-Hahr6l-nZgxGy4xsnwTBvUIinb3RDkw63kmCw6LO9CcoylPwAnTXFp5Jk49GLedvT2wyIIytB1h0Le1zN-1ZtU85RxLd-Hpg1wAkqDeAsN1_GPMiQA7xRbcUGVZ74SdNVtOFn2AvBELZ6QvmB2R00Ad96E-YpB3A8vh-AXfNu0h6RyPm3r5Pxyz-36gogTV45_8w5dxX5WC5x-j6IJNJtCbej2JauOQBX08RfhiRLF-eHQDwlbLLySJUSFAo3eirw6ke_LHECZinVVBeZ0Cyp2Y2K4ImTOVj4754t-I5gIVO2EeZ-keLimkZ-IiDKgAI6r4oRORl_5Ag3sVcj0JKUfKsiAnA8PYsTHDABhDP_fFM9PlNXumG4sYc2hOahCcyE74XA8scEVdVzQm4JK2bxsPKFx4RyvmqUOOBPDZg4Xw-8KCh222W1cKaoCl5PrOfchKjiyXd7bIVdMzH79Wxo2GuWvmCpbG3XZ8QddZVvjaA--uZodm8KZD-p9bQd6-4AKdpeoBvBanCi5-6ekU3yP5q9GvDogr7ThzawEOeGpHBSeRNezS3SG6P-UeiBujF64B4288zCAtUdcF0YZtZ-nwogCBZG3n59eRONngTT1uo1KFGDEMb5SnEFI2w4vot3aWJ0me6XcDk1KFutmTrmNQePuDfrGCbkaCPx0Ci-z7tHLwLOnPAZe4i7n0MhEAWjV6E3u_CltqC2bfVDZkIZ2V6hHtwWooyZ9l8cA6bmPSkMcDb-qNEv8lFnWhGIX0wjtdMgixS0VwbUrmqsm3Ah-15nomImajM1mYRXRB6cwVnj4HaGkXiuB30fIzluJ7zk4eTHc3atIaJx8It_GOPlG6WSMEwOb2bXBf1rJZ8QNgyc2I7wEno7EA_G4_43T49bzC5tjCooMGIrake83GiyTAwgcbYFrUl_nDue6sgr-EBNWr9WvROGp-3ptTVvg5kS-Mj9EFbfubVGBMuDSnTX11LwzjcqFHfvKPz17W9OSSDqYtF2Qxq8MuaAXTgxwOq3LMGqa_pCEGkM1tiu2MJMyu4_jsqv9wbIJ3iCd2S4AcPFYv0rfw_fbn-lPAvAmpmAN8Q51zfTxXzca_Ed2HYLpLDqJeVDAHPpqvyvB6_SylUV84qDbkiRTd2Af_14zyPqnbxFrXTuZg5yOtfZIfrxvq5-5aSYeKOhtlv6CcLB7DB0O8fRH3aU9grtmdhDZ_Hzhs7fgIGYru5bbxtF4BZyMvDgMi-RVrHvo8kn2aCWaYnQnZP17Opu3BybgaGZG-KoUx_D6POvqzLRm2mbnHQ-1GykDSeyT9CyfyzB29zzrhA46aRzDLGd593Yy3QPU-wkKXp_h0W2Vl08wl7BU79SbmgTulLhPjqmMWqvRtiYUbSvNTet0-p9OVpT8xSEw86KSuZ5Adl1JFCTpkCk8Ajke7d6SVh62tiqjycioweGQLqc5jYd3maoG8Npa2YtpfRNUkrUM_gQ9IkFf3Hno4IBQRuiqbUWhn1hXfcAkh_RJ82rLa-Owa5FvDJI3rPGfZsL2nE2YJx_lAaP33yqcWmKorTyS7S2P33uxUEnOQD94LdhQZT-CQwGMtOpF_iN8o-Xedw0Kp8tn6pOn55I375MBK1q8h62pSPzrRbOzej8Yw8LMsJyek9g-J7bGS85StdJ_gmmZxxoPZn7XpjggZRQVQ1fac_n7J3438ryw9VM_tb9sLhlwdnYGDR7ReY2_TfUdu_i9ookxT3gAlXDuNsZ94ZVshG3RxGoYkCdt7W2d2iFERkrpB6kjDDWJOvpyE87Xd_uib11KrR78JA0EtR-rR8BtXhPwLgg9oi-e16wWRl7wRHgy61eDJZm6slk5FfkGVTLANQDRky2j7KGQFsNyKiO_Xw49Ev3Fn9oF3WsMnsuYvs25xOBkvZSWAJyL_kFpFZiRDYTRfNgvEY0wIXodGl10nP2QWSbSumu49K-hPengm12HeSJkQ5Q2IvJxPjR9sKBlYTQHBtVND3FmMUtdae8bh1abp_6xC4ye6QYJztgJbtl0g-eWcFfGbddlhQjcTyYtG1yhy3L8yE4Oz3idxX-8OtonG8BYVc2nG5CavTBHlxr991KYaM6G1dEq7Ut_jNRAX_rErkdvRaOYqGOeW0syAPScFBGx4Jv6iQoDfvyp5Oa_-zPrVwwvwei0L9QlTKZBoEyGaxsORqNhsMjWCDLL8KCQeR8B-N5nPdKU-2aj8Nsx_q8lYenxMGBBMo-LqlIJJEmNzd-v4hdiSgOem6eRukOHFTh0H-e4M2fho_jOUZ9dtS1JcbjSEL0_6351632K2nO_6H3IWU6kc493oNTPueywCCUIn4iU6gxFcXfTdc8ksD4OTwNJuUwB0eNPpYUpBSZJJmqq6HM3DSJmqqO2UAx8Emkk7SnBmSj5VZH2_qeX9lLaWBqDKdJffntVauc-GhL0Xb16UbLRl5-CA4jCtOb80n3sp5IaG-d3O-0FfJz1oQVhu9ZyMplPIsEta7lg4Z7815Ly9VdeQBxnw5h_izczBv81VkTZRdjI-WAQBgtdk2WwQ_yxMjblkHyhZlxdB9rrc4WPmYZDv7fQY9nplCOki7NY6UQ2wXDVn47iRsLDwuvf5aZh2zUO1E2loj46LxPLUQ_eosC9RZ8_tvCYQJbpaWOzdhzOdAGdBEEHIcyNimkHOFXeiloviEAkMlZG-bUSHdZm8JJyA9qELRxle9YVY2wu_eqnqdoqw4Ihczcf8j-Cl_EZMoYu1d1JEhf07Z_4rceeN_TokSSZilSjVJiWM2j0nUEpmdPh8qyrEh6EA1UtfH38-AugZPq-IC-ifQs4xWGv5JxpoYLHEcXtuyH92mJ0qe0IN7EQi4D_tSmhxM-Fkwgu2lp3tVmUWaKH34-hREqPOhHhFWutHKQOr0YpB9dhAePaUg9vtYZHi1pmmOJoFfhE44TBWZ2CiVg_51zhvOeWeL3b0aa-VISvq1qeE7is7JgASP8fk8qyQrL6HsEWKGAvs8RFJJ63XNdxHg&cid=CAQSOwDICaaN_ZXEj_YxwYk6KHhRG8VxqrqojjOsvyK_055PZ8r2QvtYtjYhBB8eaRhm7zg7vz-rB64T7Oe8GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3142597607363725000&adk=4188270525&idt=207&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aafbbd5ca2a84d1a6b3ef2c4bc217407940024e81cdfb19128ce065d4ebfdf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 99ms
98ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a40&_p=1151098569&cid=525398678.1696611595&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696611597&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=%E7%B6%B2%E5%8F%8B%E8%A6%81%E6%BD%98%E6%81%86%E6%97%AD%E4%B8%8B%E8%87%BA...%E5%A5%B3%E3%80%8C%E6%BD%98%E7%B2%89%E3%80%8D%E6%B0%A3%E7%82%B8%E5%97%86%E7%A5%9E%E7%B6%93%E7%97%85%EF%BC%81%E5%85%AC%E7%84%B6%E4%BE%AE%E8%BE%B1%E8%A2%AB%E8%B5%B7%E8%A8%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIn8Q6lQkpPHU5OanAel6MA&google_push=AXcoOmQ11EotnFbDt5qL490yFvrNq-BIrKUwTU7klmWBwz-hSFsAjC-DMd...

170 B
188 B

798ms
798ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIn8Q6lQkpPHU5OanAel6MA&google_push=AXcoOmQ11EotnFbDt5qL490yFvrNq-BIrKUwTU7klmWBwz-hSFsAjC-DMdZxfqQtnzy_yBIoNLCKOejglsBWzIJdVW6x-MacckdA

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21038-AMS
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696611597.428935,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIn8Q6lQkpPHU5OanAel6MA&google_push=AXcoOmQ11EotnFbDt5qL490yFvrNq-BIrKUwTU7klmWBwz-hSFsAjC-DMdZxfqQtnzy_yBIoNLCKOejglsBWzIJdVW6x-MacckdA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBJsWJtP3YktAxRPSuzVNf0&google_cver=1&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOr...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOrXxjmX1_cbOGtKNw6ai5_bg

170 B
188 B

2157ms
2157ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOrXxjmX1_cbOGtKNw6ai5_bg

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Oct 2023 16:59:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D61D9E324FCA44F2A6B03436FF46A64A Ref B: GVA30EDGE0114 Ref C: 2023-10-06T16:59:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQwyE4Bwk4FPRYN44pvuEZ3KfGPlToC3TnrajWUNKOQziP4vr638393XmEJk4J1KB0IPgGOrXxjmX1_cbOGtKNw6ai5_bg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHDyuahApwdiK+H9z9FA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1iNFsIJRgS82MisqgpSvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

245ms
245ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1iNFsIJRgS82MisqgpSvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRAnRMF46NGnWATwlwA451LGNKxqZrbHirQACV0pBppwnhoiOFW4QHW0JZZpnhhh84ffucvuDUvke6tY2BNDOtgtFzB8VaI

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1iNFsIJRgS82MisqgpSvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRAnRMF46NGnWATwlwA451LGNKxqZrbHirQACV0pBppwnhoiOFW4QHW0JZZpnhhh84ffucvuDUvke6tY2BNDOtgtFzB8VaI
date: Fri, 06 Oct 2023 16:59:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_hm=ZSA9DHkPdEdz_JEcThEN3wAADQgAAAIB&google_nid=index&google_push=AXcoOmQhGTV3IjeobXYHTfrtX5qJA0fab8wJL...

170 B
188 B

157ms
156ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_hm=ZSA9DHkPdEdz_JEcThEN3wAADQgAAAIB&google_nid=index&google_push=AXcoOmQhGTV3IjeobXYHTfrtX5qJA0fab8wJLRq0lzFqG_cKStJWCIqNpgMN3lkWFPAYdRUrPUmVsSUzAlXXRIE-oLcn8OiJdDIn

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cnxav4vJsRsiG3pCp5PDXoDBnZF%2BijK2yBDD6wvnNZAINWMbb7qhRZUDaeXIyFPAq5g7tuGAd5vy701pjWnLYWst80OHqD5%2BPzSn0M81ogo809f5mJ7ZIFd1j0aNilfiW4mAuVELRSAe2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFwz-cgXsyicpR8xQ5SXhEQ&google_hm=ZSA9DHkPdEdz_JEcThEN3wAADQgAAAIB&google_nid=index&google_push=AXcoOmQhGTV3IjeobXYHTfrtX5qJA0fab8wJLRq0lzFqG_cKStJWCIqNpgMN3lkWFPAYdRUrPUmVsSUzAlXXRIE-oLcn8OiJdDIn
cache-control: no-cache
cf-ray: 811f75329cdc22b6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEChRY4O-5XPVwGexARI3kxY&google_cver=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW0GRqzRfmFfb8yg2ESovQQNRAB0qXtioXAHrRigT3Hne4SAdykEeHG-UHcpXVtXiRfd20
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&mn_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW...

170 B
188 B

293ms
292ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&mn_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW0GRqzRfmFfb8yg2ESovQQNRAB0qXtioXAHrRigT3Hne4SAdykEeHG-UHcpXVtXiRfd20&gdpr=&gdpr_consent=

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:57 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&mn_hm=MzM5NjEzMTk3NDg3MjMyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS5dc5SMpBReu6HSncB6HohUrW0GRqzRfmFfb8yg2ESovQQNRAB0qXtioXAHrRigT3Hne4SAdykEeHG-UHcpXVtXiRfd20&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame EE34
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEEwiJvbFoSMYBlQfavceb34?ext-param=AXcoOmST2rzEUIVbTrEStdSjueYL7F6NtjvR7BLVXXJggjypFSvHyWT98xM9YSXyPJX6r3iM4XhM5liihiryVSpZJi9bt-ZgzNNjdg&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEEwiJvbFoSMYBlQfavceb34?redir-setuniq=1&ext-param=AXcoOmST2rzEUIVbTrEStdSjueYL7F6NtjvR7BLVXXJggjypFSvHyWT98xM9YSXyPJX6r3iM4XhM5liihiryVSpZJi9bt-ZgzNNjdg&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEwiJvbFoSMYBlQfavceb34&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

112ms
108ms

Image
image/gif

93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2024 17:00:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE34
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAOstHLrM1V3K5ciD8fWNlc&google_cver=1&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjm...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjmuWE-8p2kzQRmAVk0pdwxVJbTzaUGSIJZyVA

170 B
188 B

868ms
868ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjmuWE-8p2kzQRmAVk0pdwxVJbTzaUGSIJZyVA

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 1863f62f
date: Fri, 06 Oct 2023 16:59:57 GMT
x-bytefaas-request-id: 20231006165957A7C465CD3B884AB5B07F
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=0, origin; dur=115
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231006165957A7C465CD3B884AB5B07F
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPskDlNNvab8NZWW5l0aNruWneBGnVbV0ZSCsDk1pAToPt0DELgkcL-8oEgjmuWE-8p2kzQRmAVk0pdwxVJbTzaUGSIJZyVA
x-bytefaas-execution-duration: 18.06
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 115,23.54.206.24
x-tt-trace-host: 014be9dfb3524b2cd1771b0ce0460d26880140799bb53ef84e5a42bf50da8352560b0a13af2e32ca868eaec888daca243e29d86b1db0820898768f7fea30aef299db55a3a39a127e7a07f48f12e2abbec86dc973b1c86c011f8f91027aee000422
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE34 0
12 B 119ms
118ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsFeJmKmdaTR6n1JBGf9R6U1xz7OEGJUZD5N5KSUHjRV49vkAbiYZf0TdbR88ZDKKksiTbV2o

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

idsync
sync.aralego.com/ Frame 2A03
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNEUQLS6-15-AC5B
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEUQLS6-15-AC5B

0
0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C6DB 22 KB
8 KB 111ms
110ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 97825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
19 KB 634ms
144ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 23:29:49 GMT
x-content-type-options: nosniff
age: 581408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 23:29:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 736ms
248ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:11:12 GMT
x-content-type-options: nosniff
age: 71325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:11:12 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 79ms
78ms Image
image/svg+xml 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H2 200 iframe Show response
sync.teads.tv/ Frame F05D 2 KB
1 KB 347ms
94ms Document
text/html 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: e89be1812bf9901da15b87c8eac2ec04de6eb01feb15e02e4e02147235a4e284

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 16:59:57 GMT
expires: Fri, 06 Oct 2023 16:59:57 GMT
pragma: no-cache
server: akka-http/10.2.10
vary: Accept-Encoding

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 94ms
93ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adAvailable-success&gid=1057213&sid=174681&env=js-web&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pageId=154680&pid=169092&hb_provider=prebid&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&pfid=68&f=1&slot=native&fv=1264&ts=1696611597288&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 performance-image-dco-e4b8bafe-0be2-4bf3-87df-7b8267f6b385.jpg
s8t.teads.tv/creative-f1218cc1-5069-11ee-b177-81a24b859709/ Frame 05B8 4 MB
0 660ms
164ms Image
image/jpeg 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/creative-f1218cc1-5069-11ee-b177-81a24b859709/performance-image-dco-e4b8bafe-0be2-4bf3-87df-7b8267f6b385.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
x-amz-request-id: V5B3RHB9TRG4P7N1
x-amz-server-side-encryption: AES256
content-length: 4436248
x-amz-id-2: l1p+KSJn7SrmytdsG3XXy3H41hG7Gt1cAUZ/kAj9DyMCvnyKjB2yzloTjrapTkiNN5U/plYw//Y=
last-modified: Mon, 11 Sep 2023 06:15:56 GMT
server: AmazonS3
etag: "83813c756a6778a8a01452b167a9dcb5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type
access-control-allow-origin: *
cache-control: max-age=31540000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 05 Oct 2024 18:06:37 GMT

GET
H2 200 logo.jpg
s8t.teads.tv/creative-f1218cc1-5069-11ee-b177-81a24b859709/ Frame 05B8 18 KB
18 KB 1407ms
911ms Image
image/jpeg 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/creative-f1218cc1-5069-11ee-b177-81a24b859709/logo.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c4419c2862cbd59b8c67a282f4b5f1672b9e328e1765142093dd3988088f97e3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
x-amz-request-id: V5BB0JJBWDQKY3R6
x-amz-server-side-encryption: AES256
content-length: 17996
x-amz-id-2: sEeUhzTBkIRzG17P/tnLN5g4PEWS2zpZzIXf2VgCmQSTwMZ5Uh8OiWl8gQExEVK8qupQjuNHimY=
last-modified: Mon, 11 Sep 2023 06:22:49 GMT
server: AmazonS3
etag: "623ccdf5c134df5ef4e97de6cda65a1b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type
access-control-allow-origin: *
cache-control: max-age=31540000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 05 Oct 2024 18:06:37 GMT

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 135ms
134ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=impression&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&gid=1057213&studio_cid=f1218cc1-5069-11ee-b177-81a24b859709&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696611596862&cid=1124307&pid=169092&erevenue=EXz7z3STEKoSdp-BV4AwQecA&erevenue_curr=CHF&fms=9&p=bxXf8UpN8Bk1jwBoAdHfuoPrG9yrDbwrJYYHq8RzfR8u7Za-5maVaB3US2VNFVHdVX4_udW-tR2J7wLIc-8otW1YJm5GtuMVqgR81q1e7m_tJ2qsAluw9JDyk50-_sKdFa_ckQRHSL3U_yn9TGVYo_g9AYhgsO2RSo3Z9TRNtOtvsYj4jszGVP0zuuK8PU9BsY7rHGTRcR3x1ds0byu8EJ_xxb94nsbPw5WTn04rnTFom_rIxsQnwIK9tkEdloAqsIMCtejcttI1eMbmvHpqXx73pq6TqynqzHy1X4Pvmj4-_cCfsFRnP9e_HYznDY7JnK_egY2clMawb0_A1MV7T0DLm1f-7tDbYI_5k5LRTM0ksw&cs=-617607420067195757705&slot=native&fv=1264&ts=1696611597304&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5A44 210 B
550 B 607ms
152ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c0762d668d3fed57e0905570328d213739f28d193d1e07f8e48343a5fd7d88ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F63 38 KB
16 KB 571ms
570ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696604397&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696611596363&bpp=404&bdt=958&idt=948&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&correlator=3788496620823&frm=23&ife=1&pv=2&ga_vid=525398678.1696611595&ga_sid=1696611597&ga_hid=542102546&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2056&biw=1600&bih=1200&isw=336&ish=280&ifk=2300812083&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C31077327%2C31078363%2C44795921%2C44804782%2C31078489&oid=2&pvsid=1129746354846850&tmod=1625060577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.312ttvtuwvm6&btvi=1&fsb=1&dtd=966

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f07deb7c041d305c380cc29b8d1754b573fa5d4a3f7c233d2a7c42f5ac8722f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 05B8 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 20 KB
0 237ms
63ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 06 Oct 2023 16:59:57 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2A03
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JToRwrpURv6WsIo3ckczIQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JToRwrpURv6WsIo3ckczIQ

43 B
479 B

302ms
302ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JToRwrpURv6WsIo3ckczIQ

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 11Q7Q9QYM6H9MPE6FW81
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JToRwrpURv6WsIo3ckczIQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2A03 70 B
148 B 136ms
131ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2A03
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S_vW0f9-So-Oeg8M0hlvaw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S_vW0f9-So-Oeg8M0hlvaw

43 B
479 B

271ms
270ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S_vW0f9-So-Oeg8M0hlvaw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SGZGVAVCW3JQBZEQ5V95
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S_vW0f9-So-Oeg8M0hlvaw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB3ghNRV1CArcmxVM939JEM&google_cver=1

42 B
753 B

77ms
77ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB3ghNRV1CArcmxVM939JEM&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB3ghNRV1CArcmxVM939JEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/bOVHFx2iyBQGhefKWUTV8sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iCwg6NxE2oJXc3iyDKBSBE3J2SiXvPVK8td8Gg--~A

42 B
753 B

134ms
131ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iCwg6NxE2oJXc3iyDKBSBE3J2SiXvPVK8td8Gg--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iCwg6NxE2oJXc3iyDKBSBE3J2SiXvPVK8td8Gg--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEUQLS6-15-AC5B

0
603 B

258ms
257ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEUQLS6-15-AC5B
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:56 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 188511EA95D94BE3925B48484102B414 Ref B: GVA30EDGE0114 Ref C: 2023-10-06T16:59:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHDyuaUzHbTDTBTiK2nQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEUQLS6-15-AC5B
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEx0kZpUqtGzNEEzgjPl05Q&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=

170 B
188 B

2549ms
2549ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMzBlMWZhZWZlYTIzNjVmYjA4YzBhYTg2MjYxZmQ1ZjgwNzcxNQ

170 B
188 B

1385ms
1382ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMzBlMWZhZWZlYTIzNjVmYjA4YzBhYTg2MjYxZmQ1ZjgwNzcxNQ

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a2-19-126-96.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWUwMzBlMWZhZWZlYTIzNjVmYjA4YzBhYTg2MjYxZmQ1ZjgwNzcxNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFG_k7KQHoAABmNl4DkDA&expires=30

42 B
753 B

48ms
48ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFG_k7KQHoAABmNl4DkDA&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFG_k7KQHoAABmNl4DkDA&expires=30
Date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNEUQLS6-15-AC5B&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNEUQLS6-15-AC5B&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS13N3FpZDJkRTJ1RnZuVkYuZE83U3I3Q2hqMFpkcmU5an5B&ovsid=LNEUQLS6-15-AC5B&dpid=58160

53 B
481 B

733ms
298ms

Image
image/gif

2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS13N3FpZDJkRTJ1RnZuVkYuZE83U3I3Q2hqMFpkcmU5an5B&ovsid=LNEUQLS6-15-AC5B&dpid=58160

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 06 Oct 2023 16:59:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 06 Oct 2023 16:59:58 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS13N3FpZDJkRTJ1RnZuVkYuZE83U3I3Q2hqMFpkcmU5an5B&ovsid=LNEUQLS6-15-AC5B&dpid=58160
date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 2A03
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEUQLS6-15-AC5B

43 B
1 KB

59ms
58ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEUQLS6-15-AC5B

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
an-x-request-uuid: 3e9f25b0-02bd-4133-b07e-43c11aaa2076
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEUQLS6-15-AC5B
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 2A03
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEUQLS6-15-AC5B

0
500 B

989ms
225ms

Image
text/html

13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEUQLS6-15-AC5B
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: wTsfbAv58WYNlX5Ml-_YytY6FRW_3ci2SyLpYCIz_AW234Ip-fO5qA==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEUQLS6-15-AC5B
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=84334ad2-fc0d-4826-975a-19692febbebc&expires=30

42 B
753 B

64ms
64ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=84334ad2-fc0d-4826-975a-19692febbebc&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=84334ad2-fc0d-4826-975a-19692febbebc&expires=30
Date: Fri, 06 Oct 2023 16:59:58 GMT
Connection: keep-alive
X-CI-RTID: 118d5e33-8c01-4315-9ca8-05ff54f5b8fd
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 2A03
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B

95 B
428 B

150ms
150ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEUQLS6-15-AC5B
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1164
https://c1.adform.net/serving/cookie/match?CC=1&party=1164
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4907826162908467992

42 B
753 B

103ms
96ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4907826162908467992
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4907826162908467992
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2A03
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=14
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=aeM3cm3AX4psxUCrzt0hfbInvPM

42 B
753 B

77ms
76ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=aeM3cm3AX4psxUCrzt0hfbInvPM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=aeM3cm3AX4psxUCrzt0hfbInvPM
Date: Fri, 06 Oct 2023 16:59:58 GMT
Connection: keep-alive
Content-Length: 121
Content-Type: text/html; charset=utf-8

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 126ms
123ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:57 GMT
x-amz-request-id: QGKR13PZZQJQBXVH
age: 797
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by: cache-ams21034-AMS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1696611597.423158,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1112

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 125ms
123ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 16:59:57 GMT
x-amz-request-id: VQM60MBKQFQCY8SS
age: 19830
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by: cache-ams21034-AMS
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696611597.423128,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5439

GET
DATA 200
OK truncated
/ Frame 0254 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b745581dfbbda83e02e06aa6854beee0c1c640a2b7495112023b11241c68ca9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 914A 41 KB
13 KB 117ms
116ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DetAXWsORB5jBCcFvy8hS7stLgM3-9gOuoV0rdnegAGOOqFU1ndGdEbr210x3ZKgZFuKofs4U_OUf5oG5SvmvbVYUGnJUjs27Yf5-dE_dRKSLb8K5w4NbG6f-wnGjA6Ayzlv6AdCk9LtcvyO87gx_rP2mKcZGyZn7ZnQ4MCN8UnA43tDo&cry=1&dbm_d=AKAmf-D5uj-eoYzLbpBCNH4_fwp-OFiTPVFVnWaw3at1t-55fB85TorlCDRE7G2jbON1qdHgbod4aD-rOy58EKVQoK3cHqMaE4L0wUAngD8C6IdkTfIkzBQj3-D72amvV2n9oATX2nkmom1fIfWnPYcHX2fnEel73Yao_Z1zFG3PZb587sp-CgtKx0jrnWSlk-h9hM2zwX6aNh1KppiqDERd46qONC1y6kr0Ggee5w49e9-DW6LLNmdXm0iEkwLcqA7NnNTDDImE_BxoR-K7S4qK-CfccZNa-z_dXvS6i16BuQFqqoVMzlVoGRQhNEJztGjTPWRLuA9IUCoCyGJyNBc0gR5vRlHTPTQP3NhZPAHWdccmYTjiLjm8beXRskBNTQHlDF4oZsplD3NtQgmh_VeRXXE2TCIYdUgGHj-tVI67_wop6N3dpqOCgRgnK-hrPUPogPn4V2bHsjuyN_u-tk-qX6e0TVeXVwxJTpf3ydVAMb9Ilt0NpCw7Z3cVhdJwKawyNlDWq-YX4veAnxLIQvbrq0SyIR99ZzsQWjbQitHgsL6ICC7raO2Rnicd7JzYM26jiv-vAFKLcLX3M25UU3awvvADR2cnNGtvoN0X73M06jN95JYzVMn5ShEY1gwVsRoLKutCtPBTqvPstW_y8GQ0gblgiyRKmHv_jCWfvbRS5gIYsUzJUa6qkbBX4LL5hOql27I83XMqDCRWyIuYI5QuKvdEXGXuvLPGl_j434CH0N0L7c8rvES9Yo9Nzmtc-OZfhAxrMFTZq7nsKNVhV1cxdNedBC12K5Bu9ThJNG6afuIwajzqqdX6Y6GKhNCPxUAny-P1zYbHjMPjG2uBFVD47bvgnV47L_cW8wMElKmLL8-qWVHrU_DkSjUUUXas7nn_7HmDpVYyhyj5p6VZVr13QX69_wjlpCT8Fxss8URQAg9DTF2XN-L8F6z7WnWfianuz7kPtZlPmhjr7xlUA04w-APAJQ2uAav88nrRVdWKXWB9eifXzJSQlKAX4L0_45EVAsZLI5U1MLqzuVFl1rLld8XQ_8Tp0iv9S0uxQ7V_4UI9OGn1tk3hmL8j-8JXh1Dbjj2Fdklc02mmWt6co8DVsEe6_IzzZjp9GKKQxOWXaHrBwFrzMOUkFZU-FqC4kXDzNoHrkfH9xm9tBTGwnG6hl-Hahr6l-nZgxGy4xsnwTBvUIinb3RDkw63kmCw6LO9CcoylPwAnTXFp5Jk49GLedvT2wyIIytB1h0Le1zN-1ZtU85RxLd-Hpg1wAkqDeAsN1_GPMiQA7xRbcUGVZ74SdNVtOFn2AvBELZ6QvmB2R00Ad96E-YpB3A8vh-AXfNu0h6RyPm3r5Pxyz-36gogTV45_8w5dxX5WC5x-j6IJNJtCbej2JauOQBX08RfhiRLF-eHQDwlbLLySJUSFAo3eirw6ke_LHECZinVVBeZ0Cyp2Y2K4ImTOVj4754t-I5gIVO2EeZ-keLimkZ-IiDKgAI6r4oRORl_5Ag3sVcj0JKUfKsiAnA8PYsTHDABhDP_fFM9PlNXumG4sYc2hOahCcyE74XA8scEVdVzQm4JK2bxsPKFx4RyvmqUOOBPDZg4Xw-8KCh222W1cKaoCl5PrOfchKjiyXd7bIVdMzH79Wxo2GuWvmCpbG3XZ8QddZVvjaA--uZodm8KZD-p9bQd6-4AKdpeoBvBanCi5-6ekU3yP5q9GvDogr7ThzawEOeGpHBSeRNezS3SG6P-UeiBujF64B4288zCAtUdcF0YZtZ-nwogCBZG3n59eRONngTT1uo1KFGDEMb5SnEFI2w4vot3aWJ0me6XcDk1KFutmTrmNQePuDfrGCbkaCPx0Ci-z7tHLwLOnPAZe4i7n0MhEAWjV6E3u_CltqC2bfVDZkIZ2V6hHtwWooyZ9l8cA6bmPSkMcDb-qNEv8lFnWhGIX0wjtdMgixS0VwbUrmqsm3Ah-15nomImajM1mYRXRB6cwVnj4HaGkXiuB30fIzluJ7zk4eTHc3atIaJx8It_GOPlG6WSMEwOb2bXBf1rJZ8QNgyc2I7wEno7EA_G4_43T49bzC5tjCooMGIrake83GiyTAwgcbYFrUl_nDue6sgr-EBNWr9WvROGp-3ptTVvg5kS-Mj9EFbfubVGBMuDSnTX11LwzjcqFHfvKPz17W9OSSDqYtF2Qxq8MuaAXTgxwOq3LMGqa_pCEGkM1tiu2MJMyu4_jsqv9wbIJ3iCd2S4AcPFYv0rfw_fbn-lPAvAmpmAN8Q51zfTxXzca_Ed2HYLpLDqJeVDAHPpqvyvB6_SylUV84qDbkiRTd2Af_14zyPqnbxFrXTuZg5yOtfZIfrxvq5-5aSYeKOhtlv6CcLB7DB0O8fRH3aU9grtmdhDZ_Hzhs7fgIGYru5bbxtF4BZyMvDgMi-RVrHvo8kn2aCWaYnQnZP17Opu3BybgaGZG-KoUx_D6POvqzLRm2mbnHQ-1GykDSeyT9CyfyzB29zzrhA46aRzDLGd593Yy3QPU-wkKXp_h0W2Vl08wl7BU79SbmgTulLhPjqmMWqvRtiYUbSvNTet0-p9OVpT8xSEw86KSuZ5Adl1JFCTpkCk8Ajke7d6SVh62tiqjycioweGQLqc5jYd3maoG8Npa2YtpfRNUkrUM_gQ9IkFf3Hno4IBQRuiqbUWhn1hXfcAkh_RJ82rLa-Owa5FvDJI3rPGfZsL2nE2YJx_lAaP33yqcWmKorTyS7S2P33uxUEnOQD94LdhQZT-CQwGMtOpF_iN8o-Xedw0Kp8tn6pOn55I375MBK1q8h62pSPzrRbOzej8Yw8LMsJyek9g-J7bGS85StdJ_gmmZxxoPZn7XpjggZRQVQ1fac_n7J3438ryw9VM_tb9sLhlwdnYGDR7ReY2_TfUdu_i9ookxT3gAlXDuNsZ94ZVshG3RxGoYkCdt7W2d2iFERkrpB6kjDDWJOvpyE87Xd_uib11KrR78JA0EtR-rR8BtXhPwLgg9oi-e16wWRl7wRHgy61eDJZm6slk5FfkGVTLANQDRky2j7KGQFsNyKiO_Xw49Ev3Fn9oF3WsMnsuYvs25xOBkvZSWAJyL_kFpFZiRDYTRfNgvEY0wIXodGl10nP2QWSbSumu49K-hPengm12HeSJkQ5Q2IvJxPjR9sKBlYTQHBtVND3FmMUtdae8bh1abp_6xC4ye6QYJztgJbtl0g-eWcFfGbddlhQjcTyYtG1yhy3L8yE4Oz3idxX-8OtonG8BYVc2nG5CavTBHlxr991KYaM6G1dEq7Ut_jNRAX_rErkdvRaOYqGOeW0syAPScFBGx4Jv6iQoDfvyp5Oa_-zPrVwwvwei0L9QlTKZBoEyGaxsORqNhsMjWCDLL8KCQeR8B-N5nPdKU-2aj8Nsx_q8lYenxMGBBMo-LqlIJJEmNzd-v4hdiSgOem6eRukOHFTh0H-e4M2fho_jOUZ9dtS1JcbjSEL0_6351632K2nO_6H3IWU6kc493oNTPueywCCUIn4iU6gxFcXfTdc8ksD4OTwNJuUwB0eNPpYUpBSZJJmqq6HM3DSJmqqO2UAx8Emkk7SnBmSj5VZH2_qeX9lLaWBqDKdJffntVauc-GhL0Xb16UbLRl5-CA4jCtOb80n3sp5IaG-d3O-0FfJz1oQVhu9ZyMplPIsEta7lg4Z7815Ly9VdeQBxnw5h_izczBv81VkTZRdjI-WAQBgtdk2WwQ_yxMjblkHyhZlxdB9rrc4WPmYZDv7fQY9nplCOki7NY6UQ2wXDVn47iRsLDwuvf5aZh2zUO1E2loj46LxPLUQ_eosC9RZ8_tvCYQJbpaWOzdhzOdAGdBEEHIcyNimkHOFXeiloviEAkMlZG-bUSHdZm8JJyA9qELRxle9YVY2wu_eqnqdoqw4Ihczcf8j-Cl_EZMoYu1d1JEhf07Z_4rceeN_TokSSZilSjVJiWM2j0nUEpmdPh8qyrEh6EA1UtfH38-AugZPq-IC-ifQs4xWGv5JxpoYLHEcXtuyH92mJ0qe0IN7EQi4D_tSmhxM-Fkwgu2lp3tVmUWaKH34-hREqPOhHhFWutHKQOr0YpB9dhAePaUg9vtYZHi1pmmOJoFfhE44TBWZ2CiVg_51zhvOeWeL3b0aa-VISvq1qeE7is7JgASP8fk8qyQrL6HsEWKGAvs8RFJJ63XNdxHg&cid=CAQSOwDICaaN_ZXEj_YxwYk6KHhRG8VxqrqojjOsvyK_055PZ8r2QvtYtjYhBB8eaRhm7zg7vz-rB64T7Oe8GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3142597607363725000&adk=4188270525&idt=207&cac=0&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 CfgbUMFGrlTQn8t%2FPx892WEcjgW7r2XJsmZfVxPwJLn0cBcuA5CBw2YN7ZjzYc%2BJr4lIYwYsGI8CsxhQ4IVyZUPH4KwxcXm1xaVDG07GjYaW3IVQ7Pn7imx4wILMEs5dTr%2FIP8%2BvgGS1pNqjgzSeHUTZV%2FCM3MffmpXdZNAOSsfQJuvIBKDJB5Dczms... Show response
ad.vidverto.io/delivery/video/pod/ Frame 3DE6 45 KB
19 KB 106ms
105ms XHR
text/xml 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/CfgbUMFGrlTQn8t%2FPx892WEcjgW7r2XJsmZfVxPwJLn0cBcuA5CBw2YN7ZjzYc%2BJr4lIYwYsGI8CsxhQ4IVyZUPH4KwxcXm1xaVDG07GjYaW3IVQ7Pn7imx4wILMEs5dTr%2FIP8%2BvgGS1pNqjgzSeHUTZV%2FCM3MffmpXdZNAOSsfQJuvIBKDJB5Dczms97g2ZVjy0hV2bU9CNrJbdsG1MzaBJ%2F25kBaK0fsjoLtK4K%2BGYOEQbHc5VUvbz1YwRRvUvdLb2usdrDZqeCVJhvXI71ZQxucaekqCfjnk%2F8sf0cUHZfMIc2B1kcNeONyVU9wH5M11D9SSXJ3arkdbeN7RD9Pqn9KAFylwYcHibnVoxvpRxWHatg4DomEQ6j9xNi82vruK60YaRQBzwPJT6HNQ59QCdG540dH6kToIcpXe6R1%2F1lGVQzzzspexVrmzj5xvlLtBT%2FO6wGPOY7y1L6nS7ZWicEqKsMOaPoicKDDqTkUqzo5yOwxUWOAuXTOwi3Lg67PT394y63QuI9FFDpS%2Fi1T3VSJ2cX4RJnFAumxce00BAVfVElBqJcGqs3WqaIOsOeJKQAx2YhzQULYm%2FucF13pa6ZoVGa6Mejqa2%2B6XdoFA7MtSDwpzTe%2BjsVtyZhpCcZKfCLsmUh3aCVyTzAQq95h9aJ%2FKwzb5EMLd%2Bls2e3wEFNTsaTjQxGKZ230IdjWoXJV3R1%2Btado%2FKZoOEGXhKw7DbWe7YxgvyRRKz1tKWrqR5hwAFqY5fCdkd22ZxRyU1FBfiIyr8BU48k53Mb42s2w%3D%3D?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4ca6c25245d83c0da4cafc1f6194ae19d3875192c8ace08a1fba1ad903c2959a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5A96 22 KB
8 KB 205ms
205ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 97825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 152 KB
152 KB 243ms
91ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16744448-

Response headers

Date: Fri, 06 Oct 2023 16:59:57 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16744448-16900083/16900084
Connection: keep-alive
Content-Length: 155636

GET so0m3m0ljrhx
hal9000.redintelligence.net/zone/ Frame 914A 0
0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 225 KB
15 KB 287ms
287ms Document
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcad3a55ab97d46b790ea19db3aa9a02fab0df7b293c7261ec982367584f0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:57 GMT
expires: Sat, 05 Oct 2024 16:59:57 GMT
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame C6DB 37 KB
15 KB 61ms
60ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:26:30 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 65ms
64ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-ams21024-AMS
date: Fri, 06 Oct 2023 16:59:57 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3DE6 0
234 B 936ms
186ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lneuqmly&c=3788496620823&slotId=1894248310411.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
cds.taboola.com/ 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F05D
Redirect Chain

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1696...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2

170 B
188 B

1107ms
1104ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2

Requested by

Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F05D 70 B
148 B 93ms
92ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1696611597582
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

um
sync.teads.tv/ Frame F05D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1696611597582
https://sync.teads.tv/um?fp=1&eid=80&uid=87716deb-3fc4-44d7-90e2-eef0042f9d74&gdpr=0

23 B
163 B

97ms
97ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?fp=1&eid=80&uid=87716deb-3fc4-44d7-90e2-eef0042f9d74&gdpr=0
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 16:59:57 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.teads.tv/um?fp=1&eid=80&uid=87716deb-3fc4-44d7-90e2-eef0042f9d74&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 728291
content-length: 0
expires: Fri, 06 Oct 2023 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F05D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/teads/89a72814-99f5-4af6-bc4b-7cbe6baabad6?gdpr=0&_t=1696611597582
https://sync.teads.tv/um?eid=132&uid=y-HvLrBdNE2oRhOJb.QpXQMy2E31W8anXbPUk-~A

23 B
163 B

110ms
110ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=132&uid=y-HvLrBdNE2oRhOJb.QpXQMy2E31W8anXbPUk-~A
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 16:59:57 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

date: Fri, 06 Oct 2023 16:59:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.teads.tv/um?eid=132&uid=y-HvLrBdNE2oRhOJb.QpXQMy2E31W8anXbPUk-~A
content-length: 0

GET
H2 204 /
loadm.exelator.com/load/ Frame F05D 0
324 B 362ms
118ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=89a72814-99f5-4af6-bc4b-7cbe6baabad6_eu_ch&_t=1696611597582
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 44858
tags.bluekai.com/site/ Frame F05D 62 B
483 B 525ms
329ms Image
image/gif 88.221.168.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/44858?id=89a72814-99f5-4af6-bc4b-7cbe6baabad6_eu_ch&limit=1&_t=1696611597582
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.168.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 06 Oct 2023 16:59:58 GMT
content-length: 62
content-type: image/gif

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame F05D
Redirect Chain

https://idsync.rlcdn.com/474599.gif?partner_uid=89a72814-99f5-4af6-bc4b-7cbe6baabad6_ch&_t=1696611597582
https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzg5YTcyODE0LTk5ZjUtNGFmNi1iYzRiLTdjYmU2YmFhYmFkNl9jaBAAGg0IjfqAqQYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEkRgKx01hWEWM8rw_wxyQg&google_cver=1

42 B
60 B

124ms
123ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEkRgKx01hWEWM8rw_wxyQg&google_cver=1
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEkRgKx01hWEWM8rw_wxyQg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F05D 43 B
500 B 362ms
116ms Image
image/gif 108.129.25.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=89a72814-99f5-4af6-bc4b-7cbe6baabad6_ch&_tid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&_t=1696611597582
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.25.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F05D 0
338 B 413ms
136ms Image
text/plain 63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=89a72814-99f5-4af6-bc4b-7cbe6baabad6_ch&_t=1696611597582
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Fri, 06 Oct 2023 16:59:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1696611598
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

usersync
sync.springserve.com/ Frame F05D
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=169661159...
https://sync.springserve.com/usersync?aid=1000024&uuid=89a72814-99f5-4af6-bc4b-7cbe6baabad6

43 B
206 B

350ms
171ms

Image
image/gif

54.155.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000024&uuid=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Server: 54.155.136.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-136-242.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 16:59:58 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://sync.springserve.com/usersync?aid=1000024&uuid=89a72814-99f5-4af6-bc4b-7cbe6baabad6
cache-control: max-age=0, no-cache, no-store
content-length: 164
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame F05D
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

23 B
163 B

149ms
149ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&viewerId=89a72814-99f5-4af6-bc4b-7cbe6baabad6
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 16:59:59 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3DE6 156 B
186 B 1244ms
519ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597695&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts1_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 3DE6 65 B
656 B 1108ms
380ms XHR
text/xml 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3DE6 156 B
676 B 1105ms
383ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597698&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 3DE6 156 B
227 B 1629ms
909ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&cust_params=mt_fln%3D1.8&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597700&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3DE6 156 B
186 B 1749ms
1033ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597702&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 3DE6 156 B
260 B 1355ms
641ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&cust_params=mt_fln%3D1.3&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597706&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3DE6 156 B
186 B 1493ms
781ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=340138653489287&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=CD7D13B0-D90D-457C-9E6E-4DCBE473B1FB&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611597708&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1070344302342691&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 13E8 22 KB
8 KB 72ms
71ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 97825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 1483ms
767ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 16:59:58 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 697C 1 KB
687 B 60ms
59ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 32672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Sat, 07 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 914A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0592f88edb5136b6639e8f7b35edd8b7054ebf29ebf22ea3256c873661cd423

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A96 37 KB
14 KB 69ms
69ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:26:30 GMT

GET
H2 200 gwdpage_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 55 B
176 B 60ms
55ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:55 GMT

GET
H2 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 731 B
301 B 137ms
129ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:55 GMT

GET
H2 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 24 B
110 B 137ms
129ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:55 GMT

GET
H2 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 157 B
210 B 138ms
130ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdgesture_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 57 B
139 B 181ms
174ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgesture_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f058ecc947d0bc01e2855afaff0be17a2e30ae1e067ad3a5389b986a62225e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdimage_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 281 B
225 B 182ms
175ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdgallerynavigation_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 1 KB
529 B 214ms
206ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgallerynavigation_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86ee0e760c043b495df32283b44ba844e416df4ac5189fe6a0d801c781e35125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 462
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdswipegallery_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 830 B
380 B 214ms
207ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdswipegallery_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09b079f1734cc7dd62f8d037c600dffb6ee43176186d8a1480d2ea0c65d0f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdattached_style.css
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 26 B
112 B 215ms
208ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 400 B
360 B 216ms
209ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 20 KB
6 KB 244ms
237ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6276
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 3 KB
1 KB 279ms
272ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 8 KB
3 KB 555ms
548ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3191
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 15:09:11 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 62C8 118 KB
40 KB 279ms
273ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 04:40:24 GMT

GET
H2 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 13 KB
4 KB 555ms
549ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4481
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 3 KB
1 KB 556ms
549ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdgesture_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 6 KB
2 KB 556ms
550ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgesture_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a7f4d0dace49ce143b43f43372cf0b58d479e4393523bb91ceaae407142e4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2420
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 5 KB
2 KB 557ms
551ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdgallerynavigation_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 4 KB
2 KB 557ms
551ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgallerynavigation_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c0fb5e316629a9a2a31e0fb9003d57a5f743c0894e029ba3a6e92a3f1179da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1832
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdswipegallery_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 17 KB
6 KB 558ms
552ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdswipegallery_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f568d8264dadea5781e90e648a3b0ee036c0bd1c6f810fd109883b7984c9577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6283
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdid.min.1.0.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 3 KB
1 KB 559ms
553ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdid.min.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1125
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 6 KB
2 KB 559ms
554ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df0ee37b33dc0fd12e59141d6dfe26084afa9f17cc505cfea3c95bf7adec7959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1525
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 3 KB
1 KB 560ms
554ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 1 KB
685 B 560ms
555ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 16:27:31 GMT

GET
H2 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 7 KB
3 KB 561ms
556ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 5 KB
2 KB 561ms
556ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/488501658958091924/ Frame 62C8 23 KB
9 KB 562ms
557ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/488501658958091924/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9229
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:21:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:02:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0254 0
0 200ms
199ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6Fxme2aSlOMHTRTkl8lxfxiRySjqzj9N6-xjPudFHsPWISCfobIeMyaF3pK_70DEeLPiaC_0MLG3oz0LV0qQSGbAhKtj2_f8sHyfszojRIB7AX-f6OEhoJbe6Y34f-VO2sfikiqE9aV5iyX9gnpmdM7Wr8lWFdCcRk0UqxMWXf9YkYD8AqXd4h7PXrSoH-h9M7Adc7NrlNJE&sai=AMfl-YRpaCTVBQMUyAHCZR48FG7DtF-5861FoUc3jq1A7HwWaux4bXa6c9fNw7-z58Wx9jtiM-6uzhwJUF2Gj_h-wl8rHeWBusSfcSoRR9YhFQCok1mxdFt9tqi1DOpiyf4oj0jye84VZEDAP8hPv4OFnqM-DB_4vHo0-Q&sig=Cg0ArKJSzNUdDoSu-uwxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=816&vt=11&dtpt=815&dett=2&cstd=0&cisv=r20231004.18744&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0254 0
0 111ms
111ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBgZm1-_BUbUwisSYDA54SN5Mg_L8NzwCszGQAQH6VtcjHwOtYpR-GPImTIyrVNeQ9zfE32IKUruIFIDlLfws8JBlXyZLMQo8d1QRcpyDwl8zN9xKm2UTfVB8k8oL3917LhhSJjv5CtUtDytmn2Tvyy8n-zjVFvkkJgXR1hFdjjptBTljDjcv0eyG6ej0F4_8fyseQ4kQDcMLF2sZ9OhfpzFBjb0BB5h3ZzT3EAxJVMVPD_Go2b2JXXTr0np1tZQjL7SxfNkgk69JXlhP9pSMwq1XU8WGeXXwfjLsN9eHq6gzH4SysRDqSSssOXZXOlYRFZao&sai=AMfl-YT9qRjFeQbJPbp9CCdBGa7phs6K8243hVx2lbVeCsPuhpErzk8Gd-fgkX02E9UH11z-AM0knk-MqSZCJEoXN9-z3-Syfj8bNbY1PWUMoixTk61X9cIc7-AmZiu83Q&sig=Cg0ArKJSzP7hdxZEiTXcEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E5B 17 KB
6 KB 63ms
63ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 697C
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_cver=1&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d916386bad115a7&is_secure=true&networkId=14000&version=1&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_cver=1&google_push=AXcoOmTLbPKK...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928fiaFK8QMbow3HAAAAAAA&expiration=1696697998&google_cver=1&is_secure=true&google_gid=CAESEFn7l2LXEFjZHCZy4qzYt...

170 B
188 B

1896ms
1894ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928fiaFK8QMbow3HAAAAAAA&expiration=1696697998&google_cver=1&is_secure=true&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY95XF7v4cc2fDRKI67tCaeIJJJgZlSgyAHG_lUOdDD0Hw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928fiaFK8QMbow3HAAAAAAA&expiration=1696697998&google_cver=1&is_secure=true&google_gid=CAESEFn7l2LXEFjZHCZy4qzYtjc&google_push=AXcoOmTLbPKKPDhiQzSW0Elu1cL-5-kp-cuLzdfpP_dGjtv5bM5b9YY95XF7v4cc2fDRKI67tCaeIJJJgZlSgyAHG_lUOdDD0Hw
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 697C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA52j-ojQ18VWDPnhWqfbLA&google_cver=1&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3l...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aeM3cm3AX4psxUCrzt0hfbInvPM&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3...

170 B
188 B

2024ms
2023ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aeM3cm3AX4psxUCrzt0hfbInvPM&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3lR3i8VWFrCD6U

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aeM3cm3AX4psxUCrzt0hfbInvPM&google_push=AXcoOmTK47extfFVy9xexNWpebMHPw89Hlcsm6wvF9WG1Ifz7f0JOQCaJKoTYf9AM5cVNvLLJsMA4Gm2i-FWu3lR3i8VWFrCD6U
Date: Fri, 06 Oct 2023 16:59:58 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 697C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN1jEb3MUV7kUs18bx62Nd4&google_cver=1&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfEaa...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXufisvIQ4LwL25dK9LhCpNax398Wlhzw&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfE...

170 B
188 B

2775ms
2775ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXufisvIQ4LwL25dK9LhCpNax398Wlhzw&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfEaadNwBEiORCVn8zwk

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXufisvIQ4LwL25dK9LhCpNax398Wlhzw&google_push=AXcoOmT09Q5tq6n_Q1olrfMiac17uaQmM0roAjD7V-D5V8xhNhmiYtd_hWYqfo6siT-bP01Ye63U672TfEaadNwBEiORCVn8zwk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET sync
google.partners.tremorhub.com/ Frame 697C 0
0

GET

RX-f2db2578-89f9-4626-8187-259830df3b4a-003
sync.targeting.unrulymedia.com/csync/ Frame 697C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTUEJpBkXIQFZjY9w6mG_PAH6SrNAlPJMDVSUnI7XbvUWllcgRli_0UAZl4KT0dnXjB73oIA1rDTDOBE5E_4tUbysXDQzM&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-f2db2578-89f9-4626-8187-259830df3b4a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTUEJpBkXIQFZjY9w6mG...

0
0

GET /
b1sync.zemanta.com/usersync/googleopenbidding/ Frame 697C 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 697C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDZqflaDn9I1...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODlhNzI4MTQtOTlmNS00YWY2LWJjNGItN2NiZTZiYWFiYWQ2&google_push=AXcoOmSjWE1jF5_Kuo14Lex6Y49wqniczsoIs6ZIaRM1x9PsgCtztwZqnlcLRLWNhDnkV...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

97ms
93ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 17:00:01 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 17:00:01 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 697C 0
12 B 2487ms
2486ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtLCH35LfkBnFtawVWn4Stnb20jBwRzA6geB6QVFMvnO3bMlcU2TsfEJkpeqSDYkLFl8CkmT0

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 13E8 37 KB
14 KB 183ms
182ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:26:30 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 0
60 B 362ms
362ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTxZlDD0gZfyoIZjl7_UPxM6maAAAAAA4AeAEAg&bg=!LS6lLmHNAAYMG8UMLBs7ADQBe5WfOIEjpJllcPh7fxat1HRIympzzr2ZEf0qavOGH8f-ahzYfVxEhS8GQ20Mkgs7oo0WAgAAAMFSAAAAB2gBB5kDRJFEa9bwQ1QcXPq_g_1mnstErd52N2XVuyqfpNM8wHAEnoH-IDvz3ZysGhS3WessFMoNc8cDUNp5gCC46xbPtmaHjcF5IfxLUig4eSrI5yEDv6_ijPEZis5fG4uPtN8QaPZvr7L0-mQbbl4P105GVeh9z-OUHw7ULePDqhcLUvCkfFI6tnVWPqcB1i18ipFMFveAZepfOsbc_TI4ediluYzXon_qHBFr4PSsyfrqXICz8UN7A4SThaKnQpW2VH_Lp-mXrQM-KpQ_nvDHy_M6G7UX9uPEfCDjP95J2JTB7RvAZL8LRuV0OAnUNCgVQnWxm-9GnW_qKPN4552qs8RMfOEdI_tY_uKVXGR2clmkCQo2a7AlKmy95RUzLn9nfj8ffytJIlkqKxH8hdMvxQ1M8fxnCfYx5UPYymU_9A4HG3rqIjINDvP9X8yUD4k9cQpKDcDuYj1oJQgyMzLV-A7-SGKlQvJSvlpsvVNQwS2AiHykXLK3s-qfr1Y3kh2dnUdKPlu8A7dNpuatTDcIrkN30dGYy5MpcQ1PTm-Sk0jpXnNiBR8lRIOzTIOEytFTsBBwv9wcOcLwwB6Uw1fIJcrBDttF1RlyIcJWiiX3piw7vOd994LeWtSr7PUNSNQFFhlPv_5ng4uxPV_0wpr4mS8eOjWYZ3vx3ABjMkmIaMte0qJLkMhY9olUzFWAFyvCc0oClzQr5cIOyWzs2BzLI-K2lM7Hh5P8I77qjn4wtWobEN2wfY50oTmOg4taOlJb31fI35f59n0hxYReyMoQ-4uTSDmLxJKreYMEXuhq4Sv45gNfHhF0zmaB8ZLeRKI9JZFxxaTRpGRsxWj4R1c3rFB7IJt63LjJyiGH0a8WNTKW7KVljP9TujTRHaLdesD8Dmm_i2OCaEIvkegsaLwbwiX958wwHdF8ZIVX5fz7lKyfOVHIHAlYeXxigZFqVglADLpqk-d_783XQQaXY7B_nb9movV6LXWC2ANGzdxwiraPNx4e3aETmSwNKzH0XyNpRWmjkP01a7YkB0GVWQlpYMfdtP0A5A2yfmsmzPOUiXuGagTFlpwb15crRuv0jqfhcnw1D66pCU7qeIDgQulQTeFdW0dEzm5c

Requested by

Host: ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com
URL: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
123 KB 78ms
77ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125855
x-xss-protection: 0
expires: Fri, 06 Oct 2023 16:59:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 779E 13 KB
5 KB 71ms
70ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:36:32 GMT
expires: Sat, 05 Oct 2024 16:36:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BF15 829 B
1 KB 77ms
76ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

facd23abd9388bb6b2fe879b6a68ebad4198d233b921751dea5b2a74985c2a7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bckCnAh6bGynwJwQ0eHDPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bckCnAh6bGynwJwQ0eHDPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:57 GMT
expires: Fri, 06 Oct 2023 16:59:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 116 KB
0 118ms
118ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=163840-

Response headers

Date: Fri, 06 Oct 2023 16:59:58 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 163840-16900083/16900084
Connection: keep-alive
Content-Length: 16736244

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 07A4 52 KB
21 KB 1345ms
681ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSA9DQAG1x4Kp4ELAAOlw7mx3uFLtKRWhBdczA&u=%7C2NmEQxx2HTbZM8X1%2FW%2B6SFwxL5TkvF8ujP0qRcs4uPg%3D%7C&c1=jWCgqsKSUoXV4BApc600hEeuQFRB3THRdvRmDPQAzG2DRWHlOsLyhmecvTI687QX7b0BMiWcjBZL7uAbGK889YxEQuGaGMQ2zYoRVgRLF7qYJ9_Ovx17Ys01dlXBDjcP0W7WbdjDY4T-7XVYvyrNLNMnW95WqLVAukKEqqGyJUKKZCMTxbPxVDfIQF8FYRwaPU7tptv3qtqYpCWPGpFnWqqsjrGp_vGKeQ21U_aKQRrEkDNzUzW3poO5WnwxbMZN1q6dyC08kLOszhsSDbyG1O1YpeLwywQ-4pzM74fkDrnc01RdrMfrHSy8SI2OkPVCtfLnPftvwgp3LrUEtUPC5DP1cY8y9H7LksdglEsoEEQckMV7qQeQ-yaFrCkltjH_SJ-8UfD5lAaBRR_zTNe5pdw00v4WqYdBYfD79-RKULj3N3_3i1waSc1Rk6WTNPe77CBj72PsgxrGzkAVWHSVPIK9TSVzCahAQueX8LQsOj8JR7iHqC0WcqJwWCO1WdEwUgni2gBqB0YRoMIi27J5aIu0iOg10jojCT6iuYCWnOyPbwm6MBmi1GbeXhAuEBTvv4HGlLwy8fk283N-GE_P00oL9SQkCVmfg7GCX8YeHuHR7D-sb-BeplfeCOH36KDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1x_RDT0gZZ6uG4uCngXDy46IBcme0rFc1Z2R93DAjbcBEAEgAGD1zceB1ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCIfFM7W0sT6oAwHIAwKqBNYCT9BZHayHvfpUSzk4zoW3P9b7iX7qq7vQyfHmNkIWtvtQ8SxErWZ-u9mKTh-SwNN_edCsP0KrL5YSnUzgjEQp2BZQk3y5-GO7rTEdf8t7UKy76I7YtlFeLc7-zFgIoFIGpHyBO59qMgMcy6PQoawK3MuOUPdieAaarYNFOX6J8wfjWfvofDfwhNRdV04Z7OENJ3gMkRcQqdMyGD_PPcCiwqaJrPgPxFBLmCpYSlFKxHAJroLkeAYC0qkNvuOv3aQWiYF6cc6wR-oSYkDhBhMTM-IjYiIBOIIAOZTHMIbOKt2oTZCfAymHmLVD00QJ0tMyTYQIFwoxwsYUK-oFMwrRHxZtfUPILsq9xsQEXKbMvyK2kaS5omlDGKo3N-EBlnFztGzEbYPcZhDwc8TNRnl0n-oXDGtIc9CSDu4PW06vKEfT1l7cNgb6UPVF6mLRfoWFqfTF9tDSgAa90eqb96ruyxCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3G3TLNOqu1hhMT3nFlWCnlbtS4Ow%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696604397&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696611596363&bpp=404&bdt=958&idt=948&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&correlator=3788496620823&frm=23&ife=1&pv=2&ga_vid=525398678.1696611595&ga_sid=1696611597&ga_hid=542102546&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2056&biw=1600&bih=1200&isw=336&ish=280&ifk=2300812083&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C31077327%2C31078363%2C44795921%2C44804782%2C31078489&oid=2&pvsid=1129746354846850&tmod=1625060577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.312ttvtuwvm6&btvi=1&fsb=1&dtd=966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b974d4d5748eac7d7aa1d1d4a47f2bceb2ecc9ca83cf93474ad599c3a745e02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:59:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=d8-r6dYi3q7qhAd4U6v643A75ZtCosm4KukbQd-DWf9k32cnXpCyXULaEiUotMoH0OFCUTQ5M_6u5OUJPn78eGWXBdN5CNtt6TdsTWxsceHdPCF2C5OwAnz3mCZthdjD3HU9b7_B4-js0KLYxJiekMYTH1YivneFjuzunUo9pK2yoPFzf8A7g3Ue7qpdOBlem25moP26eqpWObrfzGoKU6EP9Egi37uKvambnIffviRUBq7PYsnv2QKrOReA9fzF-enoCg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 2562343
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6F63 3 KB
1 KB 76ms
74ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:59:34 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E0CF 1 KB
688 B 415ms
415ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 32673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Sat, 07 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6F63 20 KB
8 KB 75ms
74ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F63 0
0 93ms
92ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD440o8aTJL3j0dnRvIhNfmCskDn8JcBADdsUagrRZXdZ8tA7uxl1QXFqNGKbqNJGm-GbMRuzSDO-yY57OmJpCplf7wA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696604397&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696611596363&bpp=404&bdt=958&idt=948&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&correlator=3788496620823&frm=23&ife=1&pv=2&ga_vid=525398678.1696611595&ga_sid=1696611597&ga_hid=542102546&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2056&biw=1600&bih=1200&isw=336&ish=280&ifk=2300812083&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C31077327%2C31078363%2C44795921%2C44804782%2C31078489&oid=2&pvsid=1129746354846850&tmod=1625060577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.312ttvtuwvm6&btvi=1&fsb=1&dtd=966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F63 187 KB
59 KB 137ms
137ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 16:59:58 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF15 0
0 440ms
440ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310050101&jk=3476776858963174&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 779E 37 KB
14 KB 359ms
359ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:36:32 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A96 0
63 B 429ms
429ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcYrmDD0gZY-4KLWn9u8PmMC5qA0AAAAAOAHgBAI&bg=!sbKlsv3NAAYMG8UMLBs7ADQBe5WfOCDl-x0itjeJlyC0jBB8ulJiEMe5E_NBtant8RkBwTuW6efdR_nNRSPrJyWihHRIAgAAAGpSAAAAB2gBBwoAPmc015hMmkt1XC-0av36LxIQkXIVonyvLFghPjpEKIq7jYkUoyI3iS3KRcZ-bEOcOO0owvvQgOaNoxsUYKyFmQLEsnkyeN--oVqP_iEIahqOZHsaqiPhh_SQJd1p21HSoY14orvYbQ2fwD-1SHnkCVwSNNl_Updat1kpIqb87z_hZPlD-sfLDaPrwiEj1T0g2o7xTCyawMB-m7X-Am0PY6EDx-FvWDQGeVxP4o4EpjvwdlzrA9M5Vey_w-qw_7GEI8wvOMJYGC0LHJZnvPSZXfltpcsWBn3wYYw4c6LGrHMzGmjp5Qw9JxP77Qq-XnUk9l2-eKBgYrGYLjvMiRHcOHpDFRueXN18aQPJmt3SZ_-3_hRsOlY4PdlWYxKVCzW4oyrMATa7WnbL4ZzZpnY68SbOEPkoyMnqSKNFlO_FfD84MnCZlOBRGz3KHArf_thXfcL1ahOsAKOmLM8EUsEd49Je8U2O77Me6TmV29Djn-HSg0jERmdzgTic_CMtU1JAfmzceubDBjenOISu71K2wqszT8bCgB5d_pxsfn4JfmdWq19_D7w0RrYOtXzJXL7lclFt-W3u3bOpf3a0Rj2ngO-F8Y_VodOAdstOmC-qDC5sE93TLT3W00lqrR8hk0iT0NZhoOmZ2mAeraEqHk1JbjcwdK2Kmbbm39zaBSc6rtvirlTq65Xcg7Q9wSl1AI35zTwQR36vSOuWKd_GqhxushXdgRkSuEX5mV0dCPj64heUbsN6BEsdL0yvauJ4bsyz7YBoEn8mQ7NSmDipNDN1_GTER9r1xrawB_7Ku18O_MoPy0cPEtOJwn2DIvfb89LZiIi75l1q-suGxArpEHxiQSAObN_0iTZjZGY3ZZRab03AriR0GOLqkQ7vdKW5KTR9DHJYi0OjcOvvxZLesdzU59cXF9y5mRZzE20jJp88pqLwLKL8FAgzmA3fA5Yyqz7g15wc9NnxZgdeRynUb9Ns-E-1_4umj5N-B5V1Y-je5NO2W3epqBoYbKwQjc7eV32jkkYUlNpz

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6F63 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b17128b2187033414ecc12d2d1f06e70a742bad113414dd70fb53c006e89672

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13E8 0
63 B 366ms
366ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw7tTDT0gZerfC7-LjuwPvOeJ2AsAAAAAOAHgBAI&bg=!rq2lreLNAAYMG8UMLBs7ADQBe5WfOHhS9toJuOp78z51lR2W5zXwEd5OPwM4aWIS1juVazCunDZD7_yWY4saAj8ZRdEMAgAAAFRSAAAACGgBBwoAeH6tvqdsXQrIXAfeM3DGzteIppt7X9x7ya6MfQKxpqqCdtbjqIJW0m1j7S80tg7fEM65tlP2gkXlbllLAMIccCozCbBpwy6StNOFi543KS1I7ODf1xqvV3Yaqr2mvIJBWBata8qUMgqaOWLjgJoWkWlk_DYgCqtPRZkDA8Frxy4vPq0LBE4P3gvVeNBUpzSpulmnggvOKOcueVEvYFWCOorSllPQOmkSDC5YAUVZBdTPSan2cR8bgDm5FTUytj8GW0d342tc8vYF4adrp13LqF7G3Wx0J4LCVrT7y--pp0QcefRUdV9K_v2eLRagbJJVO2KOoerF8QsCxM17KyaiWkLAmruhvlk9EXMsKKcUpCSlffFDE9QuMzh_tdRJyp0ouXXU1vVj-feDTMHhSdbyoQX6m-hsu7vgjFzv2tpaJ7l_-FDdU6Z2Of6fKYwgde_FE24Z6A7xM0jBHXFrqcFwk3T7MqSr0d7DYo-K-YNqykeKCvlv8UYqlKLVEHnBvMINonQvDCtndLfHgXGPXHzFjhWIXjUhCDin6JfmCwINW56ry1SRHsA0IELZGhMzMjYN1S1tRxCPQvChmn7nK9BoKxwag3skWJuFEKlCbLK1XUlh06DA8KUfH6iXL-Kb7M8TEqBfo2oL6V9F6DvZrlkJZ_dkB7LP2lEiSAUpTUO-cXYH7302O20slN4KK4BxeDmdPJ96qLslY4lOmIHuWANWuJpnLQuyc_jif5qcqXzrg9wb6KzCKTDlCJhqFl81u9TNxCusdYRzPApiy00tZDGB56llL1VJbVfcA4z1Nc3gEWYnxysJbojp93U19jEZq9Oi_LMj5vOqkZt7U0UKm2IAMQmgDcDng6uPEJvpFoYudJhTBoST7Fd_D4AGrgbtmg-5Pc1kqo9SrRe064jS6tnajbdRSmcYRT8a_9yus3v9ONnhmhXyw_Le6e0igha_koB2tbQfo_-amwZczIjIeHz7jwW4-oGI0oP3edpMa0een0gWO2mscpfDhPEPSrveaKEUX5rzSMHU5P5cTzSJwiP4QfVE4nSERs-YjjK2XqDREoMDn8gFQ-e2hFLVEL1gWTCuZPDfvvtpgQ1b6TDEaF6LOCWk-lrwu2E6Z5g3AgP-79GodKQtoVB8XdSvXf4pen9MEM88zGs3cT7rYenjVZvFQn_pfWajuG0Z72ZXMM9dbw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bridge3.594.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 53B7 724 KB
232 KB 285ms
284ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 158264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237562
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 21:02:14 GMT
expires: Thu, 03 Oct 2024 21:02:14 GMT
last-modified: Wed, 04 Oct 2023 14:44:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 02EB 40 KB
14 KB 413ms
413ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:16:40 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3DE6 0
45 B 258ms
186ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lneuqn2a&c=3788496620823&slotId=1894248310411.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 272ms
271ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-1&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&gid=1057213&studio_cid=f1218cc1-5069-11ee-b177-81a24b859709&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696611596861&cid=1124307&pid=169092&p=cm2uk-fWqa6PNUuayLVpxBRaKn0Q3vBmCZ_MFiZcnAUAEOOjvPnGtcWOZzhyxB7aQg_JNcF0rHGSvGQWtWqfG31ZomFuf0_J5agtzcLCoCizUlwAgzyuXCa7E7mUiidBk3mKEowF02liOeeHwmw40HKmw5aknz3L2zuutdRQtETfhT3ZkUpDEiFq_8LNdKEeLSk2DQpbw65PZ9Xjj9euNnbhiV5IiR53gZunIFvQya3E5gOUJbfm8kct34Jz_a1at5e47e0sZMRafaS5MHYYPLafXMITkRTEm_JekUTm7IQcmYv-xIz5nRt-PQhuS0eGRTMS-hNZ3qZVnndDZ2PHdRO6mDsT4zp2Up63hcJvzfV1lg&cs=-601952553445647414205&slot=native&fv=1264&ts=1696611598313&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62C8 7 KB
6 KB 205ms
205ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa77be7aa3bb8cd7cbb7b6d09b32502e660449f714aab5cae2860f1ba9019a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5646
x-xss-protection: 0

GET
H2 200 Logo_fr.png
s0.2mdn.net/ads/richmedia/studio/pv2/87300798/dirty/ Frame 62C8 6 KB
6 KB 122ms
121ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/87300798/dirty/Logo_fr.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c6a7eb42db9a5ca18f5bdd368825e25c4313ba9b2f21c980c0f3496a99ab67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:50 GMT
x-content-type-options: nosniff
age: 35648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5763
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 16:23:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 07:05:50 GMT

GET
H2 200 60001484_20230922043457953_prod_03.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 62C8 139 KB
139 KB 285ms
284ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20230922043457953_prod_03.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77444cedde2f1fb6a0980da41e0d5119c5e8535f970a13fdd36245b4e2a7305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:16:08 GMT
x-content-type-options: nosniff
age: 35030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142595
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 11:34:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 07:16:08 GMT

GET
H2 200 60001484_20230921233842625_prod_02.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 62C8 105 KB
105 KB 1168ms
1167ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20230921233842625_prod_02.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deed6831bf7dbcdbc036ba60b9dada87eb2df4d1da4d6488499aba5c61e06cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:16:08 GMT
x-content-type-options: nosniff
age: 35030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107369
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 06:38:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 07:16:08 GMT

GET
H2 200 60001484_20230921233838468_prod_01.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 62C8 237 KB
237 KB 939ms
938ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20230921233838468_prod_01.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00cdef0d0a1479c6336473e6ed351223c1c1da33eecd3e63a40cda9469cee39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:39:38 GMT
x-content-type-options: nosniff
age: 66020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242592
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 06:38:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 22:39:38 GMT

GET
H2 200 60001484_20230921233850223_visual_ingenieur.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 62C8 251 KB
251 KB 1285ms
1285ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20230921233850223_visual_ingenieur.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44603e9bad4a7793dae8bb50619434b2dd6871174632f8486291230e2c3bcba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/488501658958091924/index.html?e=69&leftOffset=0&topOffset=0&c=8RrsrQFdge&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:16:07 GMT
x-content-type-options: nosniff
age: 35031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256992
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 06:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 07:16:07 GMT

GET

sync
pool.admedo.com/ Frame E0CF
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJg2JCjYulzeJNAK92ImEf0&google_cver=1&google_push=AXcoOmSfN1N2dWIxnKFyJ7VJkiKtVdzaIrL_BKRnenyD-SvvVc-OJ0Dz49ZeZOZ1uKTYHJYgIR0fVT6peei-bPvcjPff...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=adcdc1e5-a9c7-4575-a570-0c6a9a552a6c

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0CF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_UKnxb2xyoef6lfSBeukY&google_cver=1&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzXPF...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MjE4MTIyMDM3Njg1MzYwOA&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzX...

170 B
188 B

2249ms
2244ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MjE4MTIyMDM3Njg1MzYwOA&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzXPFscI6ssABSaU8EEqJoQI

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MjE4MTIyMDM3Njg1MzYwOA&google_push=AXcoOmT2yo6qbutOyYvbWXO0BeOlVAF7u7mCf5Orj6q3LsULsDMhTL_RvTftCu-YyxKZ3_3WdPPwzXPFscI6ssABSaU8EEqJoQI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0CF
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJgVTrBEIOom6DQXK8Sr9rw&google_cver=1&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJgVTrBEIOom6DQXK8Sr9rw&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE&google_hm=Z0trbkE5OHRsWUNFOHNNR...

170 B
188 B

1723ms
1722ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE&google_hm=Z0trbkE5OHRsWUNFOHNNRGhSUkM=

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:59 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT3qikN7n3DsQcUXDs5Q7nDgvi1I57jNkA-XtE-NpmaIR3qvW--JKo5j7VxSLQWAH0kF5TYEtOMnPwy1I9GgVY9PoCp4WE&google_hm=Z0trbkE5OHRsWUNFOHNNRGhSUkM=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0CF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEx0kZpUqtGzNEEzgjPl05Q&google_cver=1&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2Mh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2MhEEtcFr-ImEcbNgU3HghElM9M

170 B
188 B

2379ms
2378ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2MhEEtcFr-ImEcbNgU3HghElM9M

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FVVFMUzYtMTUtQUM1Qg==&google_push=AXcoOmSNnM8PfdxsYbhHWM1urOrWx84vlfmv5x890DEMaAmDUhVnTeVA8d5_jW3I2EJaLl3t2MhEEtcFr-ImEcbNgU3HghElM9M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET exptsync
ads.yieldmo.com/ Frame E0CF 0
0

GET ebda
match.360yield.com/match/ Frame E0CF 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E0CF
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDlBCDit18N5afZnFrlKZfU&google_cver=1&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_oYnkj4VEAwEsW08MG1jg&google_hm=MjU5MjEzMDE5...

170 B
188 B

2393ms
2393ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_oYnkj4VEAwEsW08MG1jg&google_hm=MjU5MjEzMDE5NjYzODU3OTYwNQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT-l9EYYhlkBijXelFzFwAJM90FQCDLtg3db2qPu7tUDAGrvjADTNpBNxGnm9NM69QMiLwRc_oYnkj4VEAwEsW08MG1jg&google_hm=MjU5MjEzMDE5NjYzODU3OTYwNQ%3D%3D
date: Fri, 06 Oct 2023 16:59:57 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E0CF 0
12 B 2497ms
2496ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUpQHwSVW-8rCdmbuD8uisIWzSBIqbC6gTX7SP1XZCZA8ECm2EJCHdE5oGZXvbrbPJLuA8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F63 0
133 B 178ms
178ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cex0SDT0gZZ6uG4uCngXDy46IBcme0rFc1Z2R93DAjbcBEAEgAGD1zceB1ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCIfFM7W0sT6oAwHIAwKqBNMCT9BZHayHvfpUSzk4zoW3P9b7iX7qq7vQyfHmNkIWtvtQ8SxErWZ-u9mKTh-SwNN_edCsP0KrL5YSnUzgjEQp2BZQk3y5-GO7rTEdf8t7UKy76I7YtlFeLc7-zFgIoFIGpHyBO59qMgMcy6PQoawK3MuOUPdieAaarYNFOX6J8wfjWfvofDfwhNRdV04Z7OENJ3gMkRcQqdMyGD_PPcCiwqaJrPgPxFBLmCpYSlFKxHAJroLkeAYC0qkNvuOv3aQWiYF6cc6wR-oSYkDhBhMTM-IjYiIBOIIAOZTHMIbOKt2oTZCfAymHmLVD00QJ0tMyTYQIFwoxwsYUK-oFMwrRHxZtfUPILsq9xsQEXKbMvyK2kaS5omlDGKo3N-EBlnFztGzEbYPcZhDwc8TNRjt2vniXn7t11QC11GIvsuqhD01l3HDEtLIybVO3VXz9Zh1PPdQsgAa90eqb96ruyxCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=p3k1AOOylk4&uach_m=[UACH]&cid=CAQSOwDICaaNarglRwYPERC5sRfJwagaP_FTTe6hKox-cRELqHsMlEQlavxcTribdJqaJKE8JmuuUHBokjTIGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696604397&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696611596363&bpp=404&bdt=958&idt=948&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&cookie=ID%3D656cb4f00c4dbbb8%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MY97YZziGmOOMaTMWCjt_rS8o05aA&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&correlator=3788496620823&frm=23&ife=1&pv=2&ga_vid=525398678.1696611595&ga_sid=1696611597&ga_hid=542102546&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2056&biw=1600&bih=1200&isw=336&ish=280&ifk=2300812083&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C31077327%2C31078363%2C44795921%2C44804782%2C31078489&oid=2&pvsid=1129746354846850&tmod=1625060577&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.312ttvtuwvm6&btvi=1&fsb=1&dtd=966
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6F63 0
0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 779E 0
40 B 116ms
115ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bIER9g
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62C8 17 KB
6 KB 162ms
161ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 16:59:58 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 914A 42 B
174 B 244ms
244ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqxbKEJePxYb3zIE16QeCbjHoRdh0CWvWG1B6V1mhU7kvtCoEtoWdXNgenoOi8C7JEk2R4pzGSqkAcemPLLtPp5SPTqX98gaMXmtxDeWQAMcLBbHYzaV2-T4DuTZlt&sai=AMfl-YRtzX293WZAEH113bfznQN5Divf0FUsNF6UkQco5r7FMMBr1g_3F5EPQAI1WbwbyeDb_tOsZU_cIzpO73M5KagOdvb0X1F5NP9uM4K7lBls8Xnp3HyDh2llM3A&sig=Cg0ArKJSzGSTvCw-YiPwEAE&cid=CAQSOwDICaaN_ZXEj_YxwYk6KHhRG8VxqrqojjOsvyK_055PZ8r2QvtYtjYhBB8eaRhm7zg7vz-rB64T7Oe8GAE&id=lidar2&mcvt=1000&p=1110,650,1185,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696611596501&rpt=1250&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0254 0
64 B 156ms
155ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4650964623003&version=m202309260101&ct=76&x=38&cor=8929144024503426000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3DE6 0
45 B 114ms
113ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lneuqnl5&c=3788496620823&slotId=1894248310411.5&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3DE6 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 3DE6 0
54 B 233ms
233ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lneuqnzd&c=3788496620823&slotId=1894248310411.5&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3DE6 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0254 42 B
108 B 446ms
445ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuY4Bq867UNhAiH9qQy-wbyERQBcmE_XXxndqmuw4BBoxVP_A1my-HZVTzVU2La1GYz6WQ5sHZEpNb6h-SELF8LxIbbDcLta2KSnHQLs0ZxUc&sig=Cg0ArKJSzC1ck1HyC0pjEAE&id=lidar2&mcvt=1035&p=0,0,250,300&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696611596321&rpt=1462&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0254 42 B
108 B 684ms
684ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVqb-AlT-IpSRjvDHECeh6nIwPJqMF6ANFmPomLB084SOg8DbFc6MJxwF7I6u2co_Tt0qt9h4NBaggigPN5OLkQbHxcYL3igxJ6kjP_IOIC3fDBNhHvDu42RqSqLBm&sig=Cg0ArKJSzI6sj66ovAxpEAE&id=lidar2&mcvt=1037&p=60,285,310,585&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696611596321&rpt=1457&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame AF2B 37 KB
14 KB 227ms
226ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:36:32 GMT

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3DE6 42 B
174 B 90ms
90ms Image
image/gif 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 794ms
222ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 06 Oct 2023 16:59:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 192779
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 104ms
100ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 205984
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
419 B 174ms
173ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: de9552f2e98c01607e6b5809602606bab1a948a927f38d655d46fdb133cee593

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 05 Nov 2023 16:59:58 GMT

GET checksync.php
contextual.media.net/ Frame B143 0
0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame B50A 6 KB
2 KB 165ms
158ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 811f753d4d3c99c2-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 16:59:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame 1571 653 B
726 B 94ms
72ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 96e81e20aa86dfcc6ee611d6dc11938be8cb09c605fa2074169d7bb885b4bf50

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 414
content-type: text/html
date: Fri, 06 Oct 2023 16:59:58 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET sync.html
public.servenobid.com/ Frame 989A 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7B26 281 B
554 B 90ms
90ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 16:59:58 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 42AD 37 B
140 B 551ms
243ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 06 Oct 2023 16:59:59 GMT

GET
H2 204 isyn
prebid.a-mo.net/ Frame 0B1A 0
0 159ms
159ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Fri, 06 Oct 2023 16:59:58 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A7B0 3 KB
2 KB 155ms
155ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1696611595396

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

af675b8e6b5ec348881e85054ab201006e6a4ba65b192c7273a939d2b1fbac9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1257
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET ixmatch.html
js-sec.indexww.com/um/ Frame 6CAA 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame FFAF 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 3DE6 0
45 B 258ms
257ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lneuqnzg&c=3788496620823&slotId=1894248310411.5&faf=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B26 36 KB
11 KB 348ms
348ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17950
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1571
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=eaeVLnz2l31io8Inf6WKLHmglHpiq5J6KaLR127F

43 B
61 B

329ms
328ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=eaeVLnz2l31io8Inf6WKLHmglHpiq5J6KaLR127F
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=eaeVLnz2l31io8Inf6WKLHmglHpiq5J6KaLR127F
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1571
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7262181220376853608

43 B
106 B

108ms
87ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7262181220376853608
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7262181220376853608
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 1571 43 B
855 B 144ms
142ms Image
image/gif 52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=9ce8b9bf-1bc5-c1bb-2529-a1c217da4ebb

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EG2MC6D4TA285PSNW7HV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1571 70 B
148 B 207ms
205ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=c43ec5c2-076f-7a41-e527-23557fe9855b&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1571 170 B
188 B 1958ms
1957ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg1MTE2MDgtY2UxOC0yNGU1LWYwYzctNzllY2I1MGI0YjNi

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1571
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1

43 B
61 B

201ms
198ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 17:00:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF2spg-65Y9U5ZOi9l5y_9Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3DE6 42 B
174 B 142ms
137ms Image
image/gif 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame A7B0 43 B
442 B 131ms
130ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x8 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:59 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x8 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 06 Oct 2023 16:59:58 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame A7B0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4056016590402551421

0
291 B

88ms
87ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4056016590402551421

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
an-x-request-uuid: cec21d0c-a691-4575-9ec0-4dadc101259c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4056016590402551421
x-proxy-origin: 178.39.188.243; 178.39.188.243; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame A7B0
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

0
291 B

86ms
86ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:59 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696611599075050-577
Expires: Fri, 06 Oct 2023 16:59:59 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A7B0 42 B
753 B 130ms
128ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=P0_9b__Zcua6GTwGtbCYUdUOqxK18dzrJ-G1S5kdNko
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A7B0
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXugwWE_jonuYSCe1-l_0TLIJag2t49YA

170 B
188 B

1722ms
1722ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXugwWE_jonuYSCe1-l_0TLIJag2t49YA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXugwWE_jonuYSCe1-l_0TLIJag2t49YA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame A7B0 0
44 B 132ms
128ms Image
text/plain 89.149.192.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-length: 0

GET
H3 400 711916.gif
id.rlcdn.com/ Frame A7B0 0
0 249ms
247ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame A7B0 0
39 B 130ms
126ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:58 GMT
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame A7B0 0
38 B 130ms
127ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A7B0 70 B
148 B 262ms
259ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696611595396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E5B 0
0 376ms
375ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310050101&jk=3476776858963174&bg=!oqGloe7NAAbjlzx0w5c7ADQBe5WfOBAR0k_dSHWMkdWawBdG0EFzwSBaTJji_MpqljByT--4HZug7nB-gzQdbazg15-RAgAAAEhSAAAACmgBBwoAqvLL5oWUufPFZIs-T1QSF77vejtzi0bwjby8rNMHAHAc-5FpiFV41CCNiVS9Qj8JWgg7jnB0-O383luG4bSzDLwqilcCJYtPFm6n0frAsSUXoqL7TfKYxo88czG0Elbj3Ow-e5DoHWBiAvQT1UqtOSb2Z6zW9a6Na4qm5DaMbQwYWYLITRSrPkS7uSWsEfY27FN3ShY3pNJ3xxcsmc6RqXCF7ITkEd_ffB7-mQLbNayDmS0S1wCL209ucnoEqec5C2DT1rfxZbiULYn-fh9HOLOzQ7xrriprm_reQu-j_6UE-p2knae_JzAfc0j5oMkIp3mEciBYOLJipMp3_NtZ9uPRIWnlOKzcXq9Iu5eX0w05RnNfx6vnJ_4qKH_cNVKSNHmJUqGNN_6jLi1HoYaW9wrgWUUQuoEgzsyuvbdMwXd6qnVmaUzFD7Lui7oYjNcRgcEoOXdCIRUXEOjWdoldtFEiPO3hp4FDI_kBHELtiQa6L0ZN_LNevJozForw9LG58rpgm52x-xl3EZU8FEez8YUl4nkE_-M8oypu7FYIaprOixp53-qtvLyfInsYZq-Vd0GFC94vWpEjFFCexXszMo2tjwLEXR54Fz-ZDIJ6DfiXKnPT8VOh6jraXME4uSnxaFwutKcXf2ii9NAH2xZRjRsVhYMnwVflFNhyDLqvTAlq33vQCc6VAVUXyt3MuiDec-OVUt67lePy_UWELd8CNrs50cdYW3fBbMIaAdsdK3NbuyM-Y6z5WcHi_gUsQOwv3WMbmfy9hf5-x1rMCadxtNBJdYLA1bPSPAnmv5g8W3kcY6B1oGYipfvUXr8oByuDkDpSqMW0XhcyXgW-H74y7OPp4PloAjtrObk90sixgB9qvsocNNmuFc1qyzNSgy4Wi-gMVw8tBSRqtcbEXOghyphTmaV8maEc3XkgtVpqrtgM1gLGTbiI0LfOlrBLVElvzVZn5yRg9c5LC4bC04a2-ThJO_Wz8CdpjRV0QMYlsaQAvgDgzGad6JS0Nfbo56Zu0SZrNdSm_U-uKn-iwXvPYvdM01E9Zjm6ZMsBXOhuf7BX8_E0RicDq3TLK1dUSkCfBX110f476i8DBAgmyUBtzQ1994Ub_DKvPt8dHx8_d85KWCayV9S2jzznJl4NdlBD0bH6aolH7sGsXgrbWzSne9JavyLMlXyDzgThMZkXU7RfwfsDsXmYFJ8
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame B50A 48 KB
12 KB 199ms
182ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 779449
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 811f753eefcd99c2-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914A 0
64 B 207ms
207ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7809521414272&version=m202309260101&ct=77&x=1&cor=3142597607363725000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 161ms
161ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-2&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&gid=1057213&studio_cid=f1218cc1-5069-11ee-b177-81a24b859709&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696611596861&cid=1124307&pid=169092&p=Qbi_vcfLfMV7ZtgTVkpgGypRQ1JZkbf0GCpucKJPkZp_mYVTKB8pMm4XD-q8l8yAePdcjjHhfgGmtM-vlOjRafXpTqLgiCqBiZSRs0GRZ4k7PxmRAe9VTYvldQsINZNCy-E7zm62A5mFmcWhVzkNTZtiXzKD6PBTuKnoX3t8zVT8GoWZtKQ181ooOY1j6TDf6pwtU9mZk5us9xyMcqnada8iu2Vu1e-XPnsI3N8wbXvraiXrBGCXyqm-n9WUizp0HvPuNVUBFzfO5_U4j3Wek5OB0SmkfNYWppsapWgfkkD3eb_WvZMTrWpCSX0JSDPZzfl4GwpQZ8nxcpbCmV7b94B3Sr2GJDZmS148HPO_DgPz3A&cs=910141996549053363505&slot=native&fv=1264&ts=1696611599303&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 16:59:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3DE6 42 B
174 B 131ms
131ms Image
image/gif 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 07A4 2 KB
1 KB 342ms
342ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSA9DQAG1x4Kp4ELAAOlw7mx3uFLtKRWhBdczA&u=%7C2NmEQxx2HTbZM8X1%2FW%2B6SFwxL5TkvF8ujP0qRcs4uPg%3D%7C&c1=jWCgqsKSUoXV4BApc600hEeuQFRB3THRdvRmDPQAzG2DRWHlOsLyhmecvTI687QX7b0BMiWcjBZL7uAbGK889YxEQuGaGMQ2zYoRVgRLF7qYJ9_Ovx17Ys01dlXBDjcP0W7WbdjDY4T-7XVYvyrNLNMnW95WqLVAukKEqqGyJUKKZCMTxbPxVDfIQF8FYRwaPU7tptv3qtqYpCWPGpFnWqqsjrGp_vGKeQ21U_aKQRrEkDNzUzW3poO5WnwxbMZN1q6dyC08kLOszhsSDbyG1O1YpeLwywQ-4pzM74fkDrnc01RdrMfrHSy8SI2OkPVCtfLnPftvwgp3LrUEtUPC5DP1cY8y9H7LksdglEsoEEQckMV7qQeQ-yaFrCkltjH_SJ-8UfD5lAaBRR_zTNe5pdw00v4WqYdBYfD79-RKULj3N3_3i1waSc1Rk6WTNPe77CBj72PsgxrGzkAVWHSVPIK9TSVzCahAQueX8LQsOj8JR7iHqC0WcqJwWCO1WdEwUgni2gBqB0YRoMIi27J5aIu0iOg10jojCT6iuYCWnOyPbwm6MBmi1GbeXhAuEBTvv4HGlLwy8fk283N-GE_P00oL9SQkCVmfg7GCX8YeHuHR7D-sb-BeplfeCOH36KDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1x_RDT0gZZ6uG4uCngXDy46IBcme0rFc1Z2R93DAjbcBEAEgAGD1zceB1ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCIfFM7W0sT6oAwHIAwKqBNYCT9BZHayHvfpUSzk4zoW3P9b7iX7qq7vQyfHmNkIWtvtQ8SxErWZ-u9mKTh-SwNN_edCsP0KrL5YSnUzgjEQp2BZQk3y5-GO7rTEdf8t7UKy76I7YtlFeLc7-zFgIoFIGpHyBO59qMgMcy6PQoawK3MuOUPdieAaarYNFOX6J8wfjWfvofDfwhNRdV04Z7OENJ3gMkRcQqdMyGD_PPcCiwqaJrPgPxFBLmCpYSlFKxHAJroLkeAYC0qkNvuOv3aQWiYF6cc6wR-oSYkDhBhMTM-IjYiIBOIIAOZTHMIbOKt2oTZCfAymHmLVD00QJ0tMyTYQIFwoxwsYUK-oFMwrRHxZtfUPILsq9xsQEXKbMvyK2kaS5omlDGKo3N-EBlnFztGzEbYPcZhDwc8TNRnl0n-oXDGtIc9CSDu4PW06vKEfT1l7cNgb6UPVF6mLRfoWFqfTF9tDSgAa90eqb96ruyxCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3G3TLNOqu1hhMT3nFlWCnlbtS4Ow%26client%3Dca-pub-4485239425924787%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 07A4 2 KB
1 KB 225ms
224ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 07A4 308 B
636 B 224ms
221ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 07A4 293 B
621 B 457ms
454ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 07A4 0
0

GET
H2 200 411af2a7b56f49f4a4dc17a4521c1358_image_ad_336x280.png
static.criteo.net/design/dt/83725/210406/ Frame 07A4 103 KB
103 KB 1212ms
1209ms Image
image/png 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/83725/210406/411af2a7b56f49f4a4dc17a4521c1358_image_ad_336x280.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e01c38214b34d51ac1465c5f2a780ee101225a87086e535b078edad41378cb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 06 Apr 2021 07:53:46 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "606c138a-19bcf"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 105423
expires: Mon, 30 Sep 2024 16:59:59 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F2 0
55 B 328ms
327ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=735830734922&version=m202309260101&ct=76&x=1&cor=7830363104976622000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ca0ac7379c195db3bacb4a9cfde0eef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
817 B 551ms
551ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696611599385&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=-2006107033&tz=120&viewable=true&ddast=V8vCECLAZUISkd6dy36hKoQlI60rlv1S0AAABgYID-AAlZXJvNamFZa0ye4Vq0mk3Wwtlys1ZNVpPRYGFxOXcLIyAhi2uzWS0sa43JM1yLVrPJWjhbbtaqyWoyGiwsLuduYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8uofd51b-XW_lw-8WPOxuocvucwtfb-HT4RY9nG656y142N0yl92teLqlR4db8XTYfW7N0WV3S512n1vitPvcOr_d55Y87G7d6y15vSUup1vxdGted6HpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45GMDlaTY7_wEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPISUnFfa1p7zjRAqEizACAAAAIHvCO39kkk5Qsajy___fbwXgCgBAwGKBu5xyFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCOl44KYBmi78UPMLCACw5hcQAICNugEAeCMAJ-gEwOoExOwAAAAA3Pn____XAzIW027hsUxco8Vw4VmuLMaZw2EbrmaW0WiwW0y85010rVk9b2ylz4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQxOTIOZYTlya4yj4Vq0mtncyuHG5pasLDbbyLEZTJaLtej1MX0cy41luPAiwQDAvUieFulE4dpNZo6VcbCZDSeD1cSxWix8i4lnYVouhhPnbiKWaE4W6UR22Xcspt3CY5m4RovhwrNcWYwzh8M2XM0so9Fgt5j4ixPTYGZYjtwa42i4Fq1mNrdyuLG5JSuLzTZybAaT5WIten1MH8dyYxku_I3ZcjZbLFbL0b4xW85mi8VqOdp36Azf1edsVJZVko9K7Loebt2b06BwGSzel_p0HhaMBfXZc3QKDZ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVft3D7nMr_6638uF3Cx52t9Bl97mFr7fw6XCLHk633PUWPOxumcvuVjzd0qPDrXg67D635uiyu6VOu88tcdp9bp3f7nNLHna37vWWvN4Sl9OteLo1r7vQ9DZbxBLB6SKdiF7G00X9Rw6xG841y7liOJxLRptVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CViJ4v7____HAQAAkJFDDwAAgH4fUBYAAAAAAAA_ghyshvsHoEKs1Wp1u7FWqxWwIBaD0XIC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vC!nonrv_vA!t120!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1401
x-cache: MISS
x-served-by: cache-ams21034-AMS
pragma: no-cache
server: nginx
x-timer: S1696611599.412781,VS0,VE394
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame F496 0
323 B 159ms
158ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 811f75407a9e99c2-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 16:59:59 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B2C9 3 KB
1 KB 154ms
153ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

100c16bbd45c675dc39693732c8a6a46a98b864c1ad7b528ad9819b3083a2cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1173
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 bridge3.594.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CE8E 724 KB
232 KB 114ms
112ms Document
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 158265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237562
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 21:02:14 GMT
expires: Thu, 03 Oct 2024 21:02:14 GMT
last-modified: Wed, 04 Oct 2023 14:44:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CA2F 40 KB
14 KB 336ms
336ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:16:40 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 12 KB
0 633ms
296ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 06 Oct 2023 16:59:59 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16900083/16900084
Connection: keep-alive
Content-Length: 16900084

GET pixel
ap.lijit.com/ Frame 5FD0 0
0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 1170ms
545ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a530fb35e4a9b32234ebde9b11bf6769fe07852f8c3c60cc37c75a8b2334ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-17d2e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 17:00:00 GMT

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame B965 0
0

GET

cs
ad.turn.com/r/ Frame 9A3A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://ad.turn.com/r/cs?pid=45&rndcb=7603310762

0
0

POST all
csm.eu.criteo.net/ Frame 07A4 0
0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 07A4 2 KB
1 KB 1327ms
1326ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 07A4 2 KB
1 KB 1326ms
1325ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 16:59:59 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame B2C9 43 B
443 B 101ms
100ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 16:59:59 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 06 Oct 2023 16:59:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2C9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXuhP4GKOlOmIKjjJo3b_Fj1NokhrdKuA

170 B
188 B

1267ms
1265ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXuhP4GKOlOmIKjjJo3b_Fj1NokhrdKuA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 16:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwXuhP4GKOlOmIKjjJo3b_Fj1NokhrdKuA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B2C9 70 B
148 B 104ms
102ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame B2C9
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

0
291 B

236ms
234ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 16:59:59 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=20fb7c434859cedca0f588cb574edfe7&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696611599566057-585
Expires: Fri, 06 Oct 2023 16:59:59 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame B2C9 42 B
753 B 101ms
100ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=68cg1-jmAI8-i5lPIEtIPS_2cI0XYfjdaYzftJ8EqhY
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 400 711916.gif
id.rlcdn.com/ Frame B2C9 0
0 343ms
342ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame B2C9 0
39 B 102ms
101ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:57 GMT
content-length: 0

GET
H2 200 68cg1-jmAI8-i5lPIEtIPS_2cI0XYfjdaYzftJ8EqhY&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame B2C9 0
407 B 98ms
96ms Image
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/68cg1-jmAI8-i5lPIEtIPS_2cI0XYfjdaYzftJ8EqhY&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:59:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 811f75419c5a99c2-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

ae898cf8-9bc3-5217-b76e-8a48d24eb744 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame E57E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ae898cf8-9bc3-5217-b76e-8a48d24eb744

0
457 B

103ms
102ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/ae898cf8-9bc3-5217-b76e-8a48d24eb744
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 811f75424d5799c2-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 16:59:59 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/ae898cf8-9bc3-5217-b76e-8a48d24eb744

GET smwt256.gif
us.ck-ie.com/ Frame 8FEB 0
0

GET cookie
cm.adform.net/ Frame 9B5E 0
0

GET
H2

200

k-m6qT4aQA_VxLEyilzI6-F6Qte_JsI3PgzSjQdw Show response
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame A8B4
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
https://x.bidswitch.net/sync?ssp=criteo&custom_data=lVM9L19zUXdDTlY4UmZRbEtvbE52dTZ1Q0JKNFZjSjBIdGxrc0olMkZpYlFnN2RRa0o0ZWpKVEJlSDlTZGt5SFRPSkNNeTBOSEI5bnNidDR5Y1hHRVdJJTJGYXZLQ0pZJTJCR05pNDVZVnlyd...
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-qugMQqQA_VxLEyilzI6-F6Qte_JKZlOwDmWyGQ&gdpr=&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=lVM9L19zUXdDTlY4UmZRbEtvbE52dTZ1Q0JKNFZjSjBIdGxrc0olMkZpYlFnN2RRa0o0ZWpKVEJlSDlTZGt5SFRPSkNNeTBOSEI5bnNidDR5Y1hHRVdJJTJGYXZLQ0pZJTJCR05pNDVZVnlydjZDQ05...
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-m6qT4aQA_VxLEyilzI6-F6Qte_JsI3PgzSjQdw

0
788 B

146ms
146ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-m6qT4aQA_VxLEyilzI6-F6Qte_JsI3PgzSjQdw
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 811f754a99f399c2-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 17:00:01 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-store,max-age=0
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 17:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-m6qT4aQA_VxLEyilzI6-F6Qte_JsI3PgzSjQdw
server: Kestrel
strict-transport-security: max-age=31536000; preload;

GET
H2 204 /
onetag-sys.com/usync/ 0
287 B 288ms
287ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

20fb7c434859cedca0f588cb574edfe7 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 0682
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb7c434859cedca0f588cb574edfe7?gdpr_consent=&gdpr=0

0
525 B

172ms
171ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb7c434859cedca0f588cb574edfe7?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 811f7543cfa499c2-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 16:59:59 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Oct 2023 16:59:59 GMT
Expires: Fri, 06 Oct 2023 16:59:59 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/20fb7c434859cedca0f588cb574edfe7?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1696611599776085-582

GET v1
match.sharethrough.com/universal/ Frame 965B 0
0

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 145ms
144ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-3&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&gid=1057213&studio_cid=f1218cc1-5069-11ee-b177-81a24b859709&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696611596861&cid=1124307&pid=169092&p=AgMiEx8BvGSPRkNw2gN9R3Sg1IoE2iITmVxenxv4wTCe5JBP0ypAiCUBOydGkPE_VNJcpPmEUUcu9YgFG9i5VDgp2E_sK97FZohjy8hU_3225CVxK4n_ADldYFOwVcwFDy9XrcCV_rn15Vkd9TRNcR9AhGtapL8v7Cfz7o6vGcDtEQEiOpp2WovgmTPGNoi8LT3iIdCCQKbegDoZ_QOPwI5qMsR7nUrRip5gILboH5kxDwOPHv0OGg8zr79dZRVgItWog4LbdjmUYly4uaNL-XA_8kcktJnlTQo5x_rwkunBC4Nu295qEodyi7Nmn47FPyMN1a7HOTF5038ZFeZj2dAu38ynBxEP5xAP8SFsrW6lPw&cs=-896968495723736712805&slot=native&fv=1264&ts=1696611600304&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 17:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CE8E 156 B
186 B 417ms
417ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=959678299446044&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FfYbLuFWcfQ6fhD3AAPEfHg%3A1696615195%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=136FA8CF-D1B1-49D2-BD04-C17919C50DA5&nel=0&eid=44751889%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html&dt=1696611600598&cookie=ID%3D656cb4f00c4dbbb8-22e57ded7ce40021%3AT%3D1696611594%3ART%3D1696611597%3AS%3DALNI_MbFllEZF6jqACqVdxyqROVFB0jw5g&gpic=UID%3D00000c8fa9b30680%3AT%3D1696611594%3ART%3D1696611594%3AS%3DALNI_MYHh1Jri8iHy4PV4wCgGer9_gGQ8g&scor=1485672091804512&ged=ve4_td7_tt3_pd7_la7000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A44 16 KB
12 KB 166ms
166ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626eb1faffd6c33bd6aea60c54f7f9a1f29177ff2c08e885c17363496c9536f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12278
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame CE8E 0
54 B 144ms
143ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lneuqpb9&c=3788496620823&slotId=1894248310411.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 17:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A44 17 KB
6 KB 87ms
87ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:00:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A85 13 KB
5 KB 123ms
122ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:36:32 GMT
expires: Sat, 05 Oct 2024 16:36:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE23 829 B
793 B 125ms
124ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

b57a1169ed750194694e59ca456e96f0033e51fe51881dbce99cf27f65ea680f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H4_YquTr08i1dIZTAKVx4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H4_YquTr08i1dIZTAKVx4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 17:00:01 GMT
expires: Fri, 06 Oct 2023 17:00:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 track
t.teads.tv/ Frame AE4D 23 B
134 B 143ms
141ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=visible-4&vid=89a72814-99f5-4af6-bc4b-7cbe6baabad6&gid=1057213&studio_cid=f1218cc1-5069-11ee-b177-81a24b859709&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=d7d2362a-224c-478c-afc6-012a4a3c567f_0a3410d3-4125-4deb-a8e9-5bea0a87c3da&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696611596861&cid=1124307&pid=169092&p=2bDRnLMnFFD7DnqmT-LIGvdiZbL30PbYB_a2ol17nu3XLx3BnrGcQgY83yzI_SffeC6FSVl3ugYqXcBuawxR6XCfvfFaTqxfQ_zUGTI2pdRPnXFDvw3htanMsR2_RuKJaT2_QzfBYEpZF5dy7qTY_n9YbqqjjcBRqe8aquuu5IV5RwpS6j_HnuWNMKxH1xAMWmo7_WOuoyp9-AcYGMGzIGJUCnEcUKBALtK-JAoMJsOANjvFCQQ_7O27n5SsJ4xdc5eCxAhJBLHXLRX4PDNAKqKMRmiq0qaNs1hchURsr62lA7Y-IIVkqlkssCfnei06CIfz6KRtIzLy_SDwgrK1tLUCm1yECZR5dGUyca7Y1Enplg&cs=-184386281004000656505&slot=native&fv=1264&ts=1696611601304&plft=flv&hb_w=320&hb_h=50&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/wang-you-yao-pan-heng-xu-xia-tai-nu-pan-fen-qi-zha-qiang-shen-jing-bing-gong-ran-wu-ru-bei-qi-su.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 06 Oct 2023 17:00:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 137ms
136ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc082e8f902b156c2fa53623c0db0c209b5d3a028df469a6e38471677e8d0a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12063
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0C8D 15 KB
6 KB 109ms
108ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 17:00:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 1062176
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE23 0
0 166ms
165ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1129746354846850&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A85 37 KB
14 KB 107ms
107ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:36:32 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/ 1 MB
0 372ms
163ms Media
video/mp4 185.180.223.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/fYbLuFWcfQ6fhD3AAPEfHg:1696615195/1327/video/1811/480_650.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=262144-

Response headers

Date: Fri, 06 Oct 2023 17:00:01 GMT
Last-Modified: Thu, 02 Sep 2021 16:34:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd32-101dff4"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 262144-16900083/16900084
Connection: keep-alive
Content-Length: 16637940

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 0C8D 430 B
558 B 169ms
166ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

100751976cf2deecbc976b652393a888452a734f438a39194688bfe3f075379a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 17:00:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 762146
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 163ms
163ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:00:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CE8E 0
54 B 177ms
176ms Ping
image/gif 108.177.14.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lneuqpof&c=3788496620823&slotId=1894248310411.5&ghmsh_eids=44751889%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.14.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lt-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 17:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77E7 13 KB
5 KB 109ms
104ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 16:36:32 GMT
expires: Sat, 05 Oct 2024 16:36:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89F0 829 B
768 B 106ms
104ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

02c244ee30f23f8508cd6d7fc0501ba828322adb7be241741a60f226aa473102

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K4g6TI1XhEtPIwVIsj-DPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-K4g6TI1XhEtPIwVIsj-DPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 17:00:01 GMT
expires: Fri, 06 Oct 2023 17:00:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 2A85 0
38 B 105ms
105ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rGchPg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:00:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 77E7 37 KB
14 KB 201ms
201ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS