www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-q...
Submission: On August 31 via manual (August 31st 2023, 9:19:09 am UTC) from US — Scanned from CH

Summary HTTP 479 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 78 IPs in 10 countries across 83 domains to perform 479 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
5 10	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	169.150.247.36 169.150.247.36	60068 (CDN77 ^_^) (CDN77 ^_^)
2	23.50.131.70 23.50.131.70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.16.238.17 2.16.238.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
44	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
31	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
3 3	23.49.31.203 23.49.31.203	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
11	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
7	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
5	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
13	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 6	54.171.4.14 54.171.4.14	16509 (AMAZON-02) (AMAZON-02)
3	52.59.55.175 52.59.55.175	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
9 16	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 7	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
13	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2 4	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
14 25	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 6	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.213.60 13.107.213.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.73.155.121 3.73.155.121	16509 (AMAZON-02) (AMAZON-02)
6	52.51.73.145 52.51.73.145	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2 10	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 17	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
8	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	18.159.76.58 18.159.76.58	16509 (AMAZON-02) (AMAZON-02)
6 10	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
3	3.233.146.67 3.233.146.67	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	172.64.102.25 172.64.102.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.99.50 13.32.99.50	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
6 11	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	8.2.108.175 8.2.108.175	46636 (NATCOWEB) (NATCOWEB)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1 2	95.101.54.233 95.101.54.233	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.157.76.61 35.157.76.61	16509 (AMAZON-02) (AMAZON-02)
1	52.211.254.183 52.211.254.183	() ()
1	185.86.138.153 185.86.138.153	() ()
1	23.35.236.201 23.35.236.201	() ()
1	77.245.57.72 77.245.57.72	() ()
1	44.193.104.224 44.193.104.224	() ()
479	78

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.210.196.208 (Fairfax, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-36.datapacket.com

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-70.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.238.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-17.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.49.31.203 (Haarlem, Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-31-203.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net

fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.171.4.14 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-4-14.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.55.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 69.173.144.139 (Frankfurt am Main, Germany) 9 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.130 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.244 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.155.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-155-121.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.73.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.84.158 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.39.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 51.38.120.206 (Hessen, Germany) 4 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.76.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-76-58.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.149 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.233.146.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-67.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

d-21189372231412333876.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.102.25 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.11.209 (None, )

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adpushup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-50.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.155 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.108.175 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.233 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.76.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-76-61.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.254.183 (None, )

ASN- ()

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.104.224 (None, )

ASN- ()

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 919 trc.taboola.com — Cisco Umbrella Rank: 614 vidstat.taboola.com — Cisco Umbrella Rank: 2542 il-trc-events.taboola.com — Cisco Umbrella Rank: 20471 images.taboola.com — Cisco Umbrella Rank: 1780 imprammp.taboola.com — Cisco Umbrella Rank: 15906 am-match.taboola.com — Cisco Umbrella Rank: 16049 wf.taboola.com — Cisco Umbrella Rank: 2698 am-vid-events.taboola.com — Cisco Umbrella Rank: 14973 pips.taboola.com — Cisco Umbrella Rank: 1574 cds.taboola.com — Cisco Umbrella Rank: 1786 vidstatb.taboola.com — Cisco Umbrella Rank: 4450 sync.taboola.com — Cisco Umbrella Rank: 998	2 MB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com	623 KB
46	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net Failed	586 KB
31	rubiconproject.com 13 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036 eus.rubiconproject.com — Cisco Umbrella Rank: 593 token.rubiconproject.com — Cisco Umbrella Rank: 597 pixel.rubiconproject.com — Cisco Umbrella Rank: 366 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811 fastlane.rubiconproject.com Failed pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179 pixel-us-east.rubiconproject.com Failed	56 KB
21	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 567 a5152.casalemedia.com Failed dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475	25 KB
17	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 736	9 KB
13	yahoo.com 7 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451 ups.analytics.yahoo.com — Cisco Umbrella Rank: 326	4 KB
13	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 348	3 KB
12	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 15810 e3.adpushup.com — Cisco Umbrella Rank: 18406	280 KB
11	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 acdn.adnxs.com — Cisco Umbrella Rank: 578 secure.adnxs.com Failed	24 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 405	220 KB
10	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	6 KB
10	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 32070	271 KB
10	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 40826 sync.aralego.com — Cisco Umbrella Rank: 2723	5 KB
9	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 751 adpushup-d.openx.net — Cisco Umbrella Rank: 25350 us-u.openx.net — Cisco Umbrella Rank: 478	2 KB
8	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6591 csync.smilewanted.com — Cisco Umbrella Rank: 2812 static.smilewanted.com — Cisco Umbrella Rank: 11008	16 KB
7	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2295 public.servenobid.com — Cisco Umbrella Rank: 4549	7 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
4	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1578 ssbsync.smartadserver.com rtb-csync.smartadserver.com Failed	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	170 KB
4	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 342 grid.bidswitch.net — Cisco Umbrella Rank: 1078	26 KB
4	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 15124	42 KB
3	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 653 ads.pubmatic.com image6.pubmatic.com Failed	6 KB
3	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 740
3	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1098	1 KB
3	ad4m.at ad4m.at — Cisco Umbrella Rank: 12393	11 KB
3	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9283	757 B
3	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 880	370 B
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 426 bidder.criteo.com — Cisco Umbrella Rank: 767	477 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 558	35 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 537	1 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 659 ce.lijit.com Failed	277 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	88 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1307 contextual.media.net — Cisco Umbrella Rank: 666 hbx.media.net Failed	9 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 583 eb2.3lift.com — Cisco Umbrella Rank: 388	840 B
2	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1240 cms.quantserve.com — Cisco Umbrella Rank: 756	10 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 488 fonts.googleapis.com — Cisco Umbrella Rank: 41	124 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 733	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 28688	11 KB
1	yellowblue.io cs-server-s2s.yellowblue.io	1011 B
1	adkernel.com sync.adkernel.com	160 B
1	gumgum.com g2.gumgum.com	1 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1198 c1.adform.net Failed	106 B
1	ck-ie.com 1 redirects us.ck-ie.com — Cisco Umbrella Rank: 2955	496 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674 cdn.indexww.com Failed	2 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 25069	3 KB
1	ampproject.net d-21189372231412333876.ampproject.net
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109	454 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1457	493 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	2 KB
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 900	1019 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 365	865 B
1	bg3.co www.bg3.co static.bg3.co Failed	13 KB
0	w55c.net Failed pm.w55c.net Failed
0	creativecdn.com Failed creativecdn.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	company-target.com Failed s.company-target.com Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	digitaleast.mobi Failed euexchangesync.digitaleast.mobi Failed
0	admanmedia.com Failed sync.admanmedia.com Failed cs.admanmedia.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	rfihub.com Failed p.rfihub.com Failed
0	minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com Failed
0	betweendigital.com Failed ads.betweendigital.com Failed
0	googleadservices.com Failed partner.googleadservices.com Failed
0	turn.com Failed ad.turn.com Failed
0	richaudience.com Failed sync.richaudience.com — Cisco Umbrella Rank: 1819 Failed
0	google-analytics.com Failed www.google-analytics.com Failed region1.google-analytics.com Failed
0	quantcount.com Failed rules.quantcount.com Failed
0	openxcdn.net Failed oa.openxcdn.net Failed
0	id5-sync.com Failed cdn.id5-sync.com Failed
0	uidapi.com Failed cdn.prod.uidapi.com Failed
0	criteo.net Failed static.criteo.net Failed
479	83

	Domain	Requested by
31	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co cdn.adpushup.com ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com googleads.g.doubleclick.net
25	cm.g.doubleclick.net	14 redirects eus.rubiconproject.com googleads.g.doubleclick.net onetag-sys.com adpushup-d.openx.net g2.gumgum.com ssum-sec.casalemedia.com
20	images.taboola.com	www.bg3.co
17	onetag-sys.com	4 redirects cdn.adpushup.com onetag-sys.com csync.smilewanted.com public.servenobid.com
17	il-trc-events.taboola.com	www.bg3.co
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com googleads.g.doubleclick.net cdn.adpushup.com onetag-sys.com adpushup-d.openx.net ssum-sec.casalemedia.com g2.gumgum.com
13	cdn.taboola.com	www.bg3.co cdn.taboola.com
11	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
11	securepubads.g.doubleclick.net	cdn.aralego.net cdn.adpushup.com securepubads.g.doubleclick.net
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	ib.adnxs.com	6 redirects cdn.adpushup.com acdn.adnxs.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com cdn.ampproject.org cdn.adpushup.com ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	pixel.rubiconproject.com	5 redirects eus.rubiconproject.com onetag-sys.com
10	cdn.unibotscdn.com	www.bg3.co cdn.unibotscdn.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com cdn.adpushup.com public.servenobid.com
7	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com public.servenobid.com ssum-sec.casalemedia.com www.bg3.co
7	ups.analytics.yahoo.com	3 redirects am-match.taboola.com onetag-sys.com
7	e3.adpushup.com	www.bg3.co
7	sync.aralego.com	4 redirects ads.aralego.com www.bg3.co
6	ads.servenobid.com	cdn.adpushup.com public.servenobid.com onetag-sys.com ssum-sec.casalemedia.com g2.gumgum.com ssbsync.smartadserver.com cs-server-s2s.yellowblue.io
6	www.google.com	tpc.googlesyndication.com ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com onetag-sys.com ssum-sec.casalemedia.com
6	token.rubiconproject.com	4 redirects eus.rubiconproject.com
6	pr-bh.ybp.yahoo.com	4 redirects imprammp.taboola.com am-match.taboola.com g2.gumgum.com ssum-sec.casalemedia.com
5	csync.smilewanted.com	cdn.adpushup.com csync.smilewanted.com onetag-sys.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	us-u.openx.net	1 redirects adpushup-d.openx.net googleads.g.doubleclick.net g2.gumgum.com
4	www.googletagservices.com	ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com adpushup-d.openx.net
4	cdn.aralego.net	www.bg3.co ads.aralego.com
3	id.rlcdn.com	onetag-sys.com
3	ssbsync-global.smartadserver.com	1 redirects onetag-sys.com
3	pixel-eu.rubiconproject.com	1 redirects onetag-sys.com
3	sync.mathtag.com	onetag-sys.com
3	ad4m.at	cdn.adpushup.com ssum-sec.casalemedia.com www.bg3.co ad4m.at
3	ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	http-intake.logs.datadoghq.com	cdn.adpushup.com
3	rtb.openx.net	cdn.adpushup.com
3	htlb.casalemedia.com	cdn.adpushup.com
3	prebid.a-mo.net	1 redirects cdn.adpushup.com
3	x.bidswitch.net	imprammp.taboola.com onetag-sys.com ssum-sec.casalemedia.com g2.gumgum.com
3	secure-assets.rubiconproject.com	3 redirects g2.gumgum.com
3	trc.taboola.com	cdn.taboola.com
3	ads.aralego.com	1 redirects ads.aralego.com
2	match.sharethrough.com	csync.smilewanted.com public.servenobid.com cs-server-s2s.yellowblue.io
2	ads.stickyadstv.com	1 redirects ssum-sec.casalemedia.com cs-server-s2s.yellowblue.io
2	ap.lijit.com	csync.smilewanted.com public.servenobid.com
2	image8.pubmatic.com	onetag-sys.com cs-server-s2s.yellowblue.io
2	adpushup-d.openx.net	1 redirects cdn.adpushup.com
2	sync.taboola.com	1 redirects am-match.taboola.com
2	www.googletagmanager.com	cdn.adpushup.com cdn.ampproject.org
2	prebid.smilewanted.com	cdn.adpushup.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	gum.criteo.com	cdn.taboola.com cdn.adpushup.com
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	cms.quantserve.com	1 redirects ssbsync.smartadserver.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
1	ssbsync.smartadserver.com	public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com
1	g2.gumgum.com	public.servenobid.com
1	cm.adform.net	csync.smilewanted.com
1	us.ck-ie.com	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	contextual.media.net	cdn.adpushup.com
1	acdn.adnxs.com	cdn.adpushup.com
1	eb2.3lift.com	cdn.adpushup.com
1	public.servenobid.com	cdn.adpushup.com
1	js-sec.indexww.com	cdn.adpushup.com ssum-sec.casalemedia.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	vidstatb.taboola.com	www.bg3.co
1	d-21189372231412333876.ampproject.net	cdn.ampproject.org
1	prebid.media.net	cdn.adpushup.com
1	hb-api.omnitagjs.com	cdn.adpushup.com
1	a.teads.tv	cdn.adpushup.com
1	tlx.3lift.com	cdn.adpushup.com
1	bidder.criteo.com	cdn.adpushup.com
1	grid.bidswitch.net	cdn.adpushup.com
1	prebid-server.rubiconproject.com	cdn.adpushup.com
1	cdn.jsdelivr.net	cdn.adpushup.com securepubads.g.doubleclick.net
1	secure.quantserve.com	cdn.adpushup.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	www.clarity.ms	www.bg3.co www.clarity.ms
1	px.ads.linkedin.com	eus.rubiconproject.com
1	c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	cdn.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	imasdk.googleapis.com	cdn.unibotscdn.com
1	www.bg3.co
0	pm.w55c.net Failed	ssum-sec.casalemedia.com
0	creativecdn.com Failed	g2.gumgum.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	sync-tm.everesttech.net Failed	g2.gumgum.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	sync.tidaltv.com Failed	ssbsync.smartadserver.com
0	rtb-csync.smartadserver.com Failed	ssbsync.smartadserver.com
0	dsp.adfarm1.adition.com Failed	ssbsync.smartadserver.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	ad.360yield.com Failed	g2.gumgum.com
0	b1sync.zemanta.com Failed	g2.gumgum.com ssum-sec.casalemedia.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	secure.adnxs.com Failed	g2.gumgum.com
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	s.company-target.com Failed	ssum-sec.casalemedia.com
0	cdn.indexww.com Failed	ssum-sec.casalemedia.com
0	rtb.adentifi.com Failed	ssum-sec.casalemedia.com
0	euexchangesync.digitaleast.mobi Failed	ssum-sec.casalemedia.com
0	c1.adform.net Failed	adpushup-d.openx.net
0	sync.admanmedia.com Failed	public.servenobid.com
0	hbx.media.net Failed	public.servenobid.com
0	ssp.disqus.com Failed	public.servenobid.com
0	p.rfihub.com Failed	public.servenobid.com ssum-sec.casalemedia.com
0	ce.lijit.com Failed	public.servenobid.com
0	cs-rtb.minutemedia-prebid.com Failed	public.servenobid.com
0	ads.betweendigital.com Failed	csync.smilewanted.com
0	partner.googleadservices.com Failed	pagead2.googlesyndication.com
0	ad.turn.com Failed	csync.smilewanted.com public.servenobid.com
0	sync.richaudience.com Failed	csync.smilewanted.com
0	stats.g.doubleclick.net Failed	cdn.ampproject.org
0	region1.google-analytics.com Failed	www.googletagmanager.com cdn.ampproject.org
0	www.google-analytics.com Failed	www.bg3.co
0	rules.quantcount.com Failed	secure.quantserve.com
0	a5152.casalemedia.com Failed	cdn.adpushup.com
0	oa.openxcdn.net Failed	securepubads.g.doubleclick.net
0	cdn.id5-sync.com Failed	securepubads.g.doubleclick.net
0	cdn.prod.uidapi.com Failed	securepubads.g.doubleclick.net
0	static.criteo.net Failed	cdn.adpushup.com securepubads.g.doubleclick.net
0	fastlane.rubiconproject.com Failed	cdn.adpushup.com
0	static.bg3.co Failed	www.bg3.co
479	140

This site contains links to these domains. Also see Links.

Domain
2mbxk5.llsdzktnxwnnr.com
popup.taboola.com
hjg1zc.llsdzktnxwnnr.com
www.sat1.de
intouch.wunderweib.de
6qmbw5.jrfnzkkq.com
www.familyaustria.at
seniorliving-ch.com
ecohouses-ch.com
fit-und-mental.de
69a56c.llsdzktnxwnnr.com
417e21.snzgdl.com
track.eternal-track.com
wordsa.com
electriccars-ch.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.unibotscdn.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.a-mo.net R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh

This page contains 70 frames:

Primary Page: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Frame ID: F3D693980CFA78233498CB3F7B74818C
Requests: 186 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2C323C32E13666963B76236EB6CD757E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 586BFB24A03609D05247F04E5D007A64
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CF4054207B63C6E3EDBE40A57C28D4CB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 2673EB772A5C6EE2905439CE49A71AC6
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 614C49D43BC9D18032617176487531F2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 47171F7A14C7CD38A8857CF511E831E3
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=undefined&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=792f9d33-fe51-42d0-81af-5792596a905c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 864DE5B403AEBE69BEDD7B5DE763D0FB
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F5C82D51F84051C60012F8F17DF9BBD7
Requests: 4 HTTP requests in this frame

Frame: https://fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 521A54FD4B083BDFC456716CF1CC1BD4
Requests: 1 HTTP requests in this frame

Frame: https://c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0E76B39927BF3F3E02022C04900F8FE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F4D77098B94B8791A8CE0D1621CEC0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05754DEB76FC701C991EBF5B31CFCC65
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DBFDA5A36BB928341E0B890B35C5590
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5FC3B2207E20E07820F1B8FE3629E59
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/zrt_lookup.html
Frame ID: 1470F9163F6B0169691AD0EAD6F7F8F3
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 60BFF8D6B93B89A8F91FD5B84197FAB8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-892391627799815566&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3071&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=66001663&ga_cid=amp-kqzI-cVdnMoGGCtSj66XoQ&ga_hid=1663&dt=1693473540632&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&bdt=22330&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A2156A955E8B231FE9A6C91D4A2CA934
Requests: 1 HTTP requests in this frame

Frame: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6AB59AFC2C06A574900232826B4EBE33
Requests: 1 HTTP requests in this frame

Frame: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 494CC29A8B2C527ACBE9933186A89245
Requests: 11 HTTP requests in this frame

Frame: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 15E8C5E54812B8BF64AECF15C542927E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWfQtP04Yg55StweQwwRgG_w173Pd_YICxalSxV7u0a8i4v4ABcH8mANhMatWARHzdg5c4y-EsxoaGWim5pmTBOXv_11w
Frame ID: DAB958E76F864B2EAB05A623C06CED8C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BC473A4DBE92D40473157D8A2D71CA60
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWNd1WYISW_e1_DIVu4Gj_Y3HJT7AURxnyZ3d5qMwKucdQKZyMo_co3DpXkOR895FsUpv5jyMmmZeduNQsI7qkXOLMgwg
Frame ID: 01FFD8CBF0AF89BEA984EE870400923D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWqpVjU9dVz7nA6WXlamGXl5xJJZ7icED2YJq3ZuTzi5D8X2vRtEMVrPlob7c2Dc02LtoLWU5bKXNM1cxutsOAdEOSQ3w
Frame ID: E06DAB58C250AEBCC785CA806C0077FC
Requests: 4 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 17FE601E1B80560048FDE6EF6E10D9D8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B2609EEA8E1922E4A4088794A457DFDF
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 6ADBDEE683397E4DB981290467A3C0C0
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 365D60C61AEC4FA48649F0ACF732344D
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 87C1AC81873206743E0397BD1E82B339
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3534E7712CA12077385523F573536E80
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFEA2D57B1617680EE6D33DF50672DCE
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 4A4809CD24423C40D08FCBB57A6D004F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693473540300
Frame ID: F60E589D80051E6AB5AFA5751D70F7B5
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 016AE2C280A4A27BF319E2B4425A180B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DA32CD030F00C05046B6B0F4D34C93E4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: A0428C812FEA7F254DB7C4826A17D7CE
Requests: 14 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 9DBB7C80B54EA6DB97DA69DB1D66E75E
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
Frame ID: FAD2C622395C2F054DA6E869471FFD07
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=45&rndcb=5890311092
Frame ID: 539348106DA0EDFD54C486A75B74E812
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527147&bpp=9221&bdt=3753&idt=18819&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=2&ga_vid=373335609.1693473543&ga_sid=1693473546&ga_hid=32099369&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2499966190&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076839%2C31077369%2C44785292%2C44798934&oid=2&pvsid=3234666658392896&tmod=915018954&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oe40g5u77j07&fsb=1&dtd=18834
Frame ID: 0CA7D5349F503885CF895124391005EC
Requests: 11 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7701563183069211107
Frame ID: E98D374BED0EFDD4D2E9E0BECDAA075C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a
Frame ID: C812BD744D3C71B074F71522236328AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 424735883899DE85E3D49DC914533200
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/76e6cf9e88565f181cd9f7e38cfe456?gdpr_consent=&gdpr=0
Frame ID: E62B11368B1A054725B3C4FFCCE731FC
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 82BDF3231CD62405A372BD93E2CE6178
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/74485f29a0a06d89fb33c56a3b77d82fbafe4fc1150812ac2e938c45de65e941
Frame ID: D3260E1258D80E95356634BD2D83868B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8BE083FBDAF8CA3783108E551A063B9F
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 000E9136FB779C15CCD7382B5474505A
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CDF7B75CDA731653296A749F97F0D599
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: BD97ED41883793B2A51E4F48C1EB5899
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 9ECDFF005A8D368C599B6A8A0C9BF087
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 774F6D45C5D41DF007B0A971351080B3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 5B3EDF8877F54C1AB7F39F0E489803F9
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: E5D0BA08C41E99D0D6C9E2960E176D5E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 9C2E5CEEB77BCC7D275B6EE8762A4D96
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 0F98DA0152764A1E94AE0CB0AE1EA9C5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNU7F33yayTpt4LtjuiB65sMdiLjxN-tOpzEt0f4oXXRDryF7x-1XhzcRC7esz7OUqYuwXlyFI09UhZv_tgbW0V6qrvQCQ
Frame ID: 7BE006144A719A116A7C87579B2AC193
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577
Frame ID: FC15F268AB6817DB126214404791F9E2
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: D0380AFFBB99C0CE2F9682113CCC974D
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C6E0435654A257C033872585AFD33B21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXXKHHGY6ezN6Y8FeKAdLgHmwA2WYI_ztWwf9ca1ZgJsZA94x-3ZeyFPv9dtlUtc6FI2golamuJSsCfN5J6ewzcSyHf0A
Frame ID: D109A4A55A539E3F8C3B6812DE58E8E3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 8CA3C9344BDDD78464075AD6AC856E2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2FmYmM5NS04MTgxLTQxNzAtYjU4Zi1jMTU3NDA5NWZmZGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0D28AEAF10DAC93EA7B2EBA5159D78D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EA7A2C31834280BD8E1BFB83D201538F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: BFBA7A0808D7870B699BB12290336F99
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: A7B75DE3300FFB8A1E000768DCB005E9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_57afbc95-8181-4170-b58f-c1574095ffda&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: F4415B70450DDA3781A023447789BEB2
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 55191246FE63F9B4370262DE0EB4174C
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: D3E6D171F702F499940E3F048F4CFC53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

猛威爾中繼伺機登板　林嶽平：先搶今天封王再挑戰全年 - 天天要聞

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

479
Requests

66 %
HTTPS

0 %
IPv6

83
Domains

140
Subdomains

78
IPs

10
Countries

4283 kB
Transfer

12324 kB
Size

44
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://hjg1zc.llsdzktnxwnnr.com/
Title: Ringe | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.sat1.de/serien/sat1-fruehstuecksfernsehen/videos/strafen-fuer-oben-ohne-ostsee-stadt-geht-gegen-fkk-fans-vor
Title: Sat1

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.sat1.de/serien/sat1-fruehstuecksfernsehen/videos/pleite-wegen-strassensanierung
Title: Sat1

Search URL Search Domain Scan URL

URL: https://6qmbw5.jrfnzkkq.com/
Title: Autos | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://www.familyaustria.at/herbsturlaub-oesterreich/
Title: Ferien in Österreich

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://seniorliving-ch.com/
Title: Seniorenwohnen | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://ecohouses-ch.com/
Title: Ökohäuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://fit-und-mental.de/11-kinderstars-vergangener-zeit-und-was-sie-heute-machen/2/
Title: Fit & Mental

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://69a56c.llsdzktnxwnnr.com/
Title: Pflege zu Hause | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://417e21.snzgdl.com/
Title: Häuser aus Holz | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://track.eternal-track.com/2753d609-5a06-40b3-b67c-37ae5124ef0c
Title: Autos | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://wordsa.com/trending/ausergewohnliches-dubai-tauche-ein-in-eine-welt-voller-kuriositaten-2-tb
Title: Wordsa

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://electriccars-ch.com/
Title: Elektroautos | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 95

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLYYEZYG-Y-EN5C HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLYYEZYG-Y-EN5C HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/988e88a8-d7e7-3a21-b705-a6e3ce35ff95?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JMB4COdE2oXxEY3CHxQfl.KUXQgfr7wET.sLOYc-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLYYEZYL-1M-52ND HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLYYEZYL-1M-52ND HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/988e88a8-d7e7-3a21-b705-a6e3ce35ff95?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JMB4COdE2oXxEY3CHxQfl.KUXQgfr7wET.sLOYc-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 152

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I1xNnYVPTRK0omhwHjGEkw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=I1xNnYVPTRK0omhwHjGEkw

Request Chain 153

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZWUVaWUwtMU0tNTJORA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECVuTI3bGwBrzWsH-S0Ms-w&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZWUVaWUwtMU0tNTJORA==&google_push=

Request Chain 154

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OqSQv6F3TPmzJblrbRM9iA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OqSQv6F3TPmzJblrbRM9iA

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmI9cWR91pPQs2_6GKItKg&google_cver=1

Request Chain 156

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI4NTg4MDM3Y2ZjZWIwZmFmZDBjYzliOGJhYWZjYWU1OTk4NzY1Yw

Request Chain 157

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYYEZYL-1M-52ND

Request Chain 158

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/zTQbBo64zNWG2ijpcRli28n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FqGdMD1E2oJoaBuZeOYfl6ozOH3uvofNjFxvgA--~A

Request Chain 214

https://pr-bh.ybp.yahoo.com/sync/taboola/bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2TRc6JBE2oRQTIHc5HP9A2niIbq44vg5LC9dyw--~A

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAXn75Z5WDQDhQYxzNG7blo&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEAXn75Z5WDQDhQYxzNG7blo&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=0927f3556f4f35dfed047e2668d29b83&uid=0927f3556f4f35dfed047e2668d29b83&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 273

https://adpushup-d.openx.net/w/1.0/pd HTTP 302
https://adpushup-d.openx.net/w/1.0/pd?cc=1

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1

Request Chain 283

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPBbCkFZ6oP0pBI7h2RNxwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1

Request Chain 286

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPBbCmocJstjoZ6UnlqvZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

Request Chain 291

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

Request Chain 293

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjnJTTuCP9S9XgWJlTEhIC0nCSLC0mlQ

Request Chain 296

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Request Chain 308

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1

Request Chain 309

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693473547401 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5890311092

Request Chain 312

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7701563183069211107

Request Chain 313

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a

Request Chain 315

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/76e6cf9e88565f181cd9f7e38cfe456?gdpr_consent=&gdpr=0

Request Chain 319

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

Request Chain 320

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoH5rgu4Z7KzqZjYxNdvR8BEa-OEx3w

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Request Chain 330

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/74485f29a0a06d89fb33c56a3b77d82fbafe4fc1150812ac2e938c45de65e941

Request Chain 331

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 335

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 336

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 341

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=1110900752246686789

Request Chain 342

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Request Chain 344

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693473547400 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3344371289

Request Chain 346

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=962f2129-2d34-4a1b-b512-bb7864ca8d3d

Request Chain 347

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 348

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

Request Chain 350

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

Request Chain 355

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXCWpKomwPWyIZWi_n3do_pxlaeyd5Gm-nddtRmg

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1

Request Chain 370

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoyYG5Vwzg8XwR-VKrzHQpf8NrmIDqw

Request Chain 371

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Request Chain 373

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LLYYEZYL-1M-52ND&gdpr=0

Request Chain 374

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1110900752246686789

Request Chain 375

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=5488853778262683603

Request Chain 377

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0M1MkU0OUMtNzAwMS00QUYyLUFERjItNzQ2RDgxQzhDQzVB&gdpr=0&gdpr_consent=

Request Chain 378

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

Request Chain 380

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=

Request Chain 389

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBlmcBkfsvZsmXtAPl-6Vs&google_cver=1

Request Chain 390

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMDkwMDc1MjI0NjY4Njc4OQ%3D%3D

Request Chain 391

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1

Request Chain 392

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZmJkZTItNDdkMC02ZTc1LTQ3NDYtYTE1MjllOTFlNTc4

Request Chain 394

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPBbCqXL5x9QORTvBtKHdAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

Request Chain 395

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPBbCuTJErtVcC_hqMm01QAAFJMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1

Request Chain 397

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index

Request Chain 399

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPBbCuTJErtVcC-hqMm01QAA%265267&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=16bddcfa-4c15-4ff2-b2ab-657d45beccd1-tuctbe9e08b

Request Chain 402

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPBbCqXL5x9QORTvBtKHdAAACKoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1

Request Chain 405

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPBbCqXL5x9QORTvBtKHdAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

479 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html Show response
www.bg3.co/a/ 49 KB
13 KB 3764ms
1828ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 377031c455f8045077982eb9ed6e1ab38d22dad6b7e31a1e7e7eaea0d177aa29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 09:18:37 GMT
etag: "c2f0-lX6f9N4vu+UeQ8XketMRBUmaOTs"
expires: Thu, 31 Aug 2023 09:33:37 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 1923ms
395ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 31 Aug 2023 09:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72923
x-xss-protection: 0
server: sffe
etag: "8f05ddb4de6114d6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 31 Aug 2023 09:18:40 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 1910ms
382ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 31 Aug 2023 09:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9638
x-xss-protection: 0
server: sffe
etag: "3c97018a73867a04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 31 Aug 2023 09:18:40 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 2048ms
544ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 31 Aug 2023 09:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7567
x-xss-protection: 0
server: sffe
etag: "694191137fe44b1a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 31 Aug 2023 09:18:40 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

2536ms
413ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tqz4WgV%2BOvGdc%2FoXtwKWY4RnCThMrqQq0uGjGRyzDfMKU4sappSUpPwS3mTxmj1Iv0WsLv4g8%2FGaUHZVry59piaa2DIrbvKtsbJFtsUdWbzwZqWTUmiQf7Hl3psyEvB97A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ff4300dfb93035a-CDG

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 235 KB
89 KB 1910ms
377ms Script
application/javascript 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: b15fd2698909f021faee07724e65ecf469015600042587c3183e0dafe0e759cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:40 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-664
cdn-cachedat: 08/31/2023 06:29:40
cdn-pullzone: 873945
last-modified: Thu, 31 Aug 2023 06:01:08 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 645
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64f02ca4-3ac10"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 019820f0187d2f7477c17682fbdab50c
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 1927ms
383ms Script
application/javascript 23.50.131.70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-70.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:40 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Thu, 31 Aug 2023 07:00:25 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
content-length: 10017
expires: Thu, 31 Aug 2023 10:18:40 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 657 KB
138 KB 1928ms
384ms Script
application/javascript 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9ed8d22b40d30ca76771d14a739c9ef4028fced22e2391f49f6ba43e6851cd79

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:40 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Tue, 29 Aug 2023 01:02:24 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1693473519664_34664209_1332186170_681_1264_135_405_146";dur=1
content-length: 141192
expires: Thu, 31 Aug 2023 10:18:40 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 481 KB
53 KB 1567ms
369ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 941a162b6b1fc1f22dee6710e5e6a801b30c94dd05c89df0d4fe1d5d2d64592a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lsxO0Acw5G1dR5wPcrH1M7mCgd63Bqph
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:39 GMT
x-amz-request-id: 710VT395CBT83DWW
age: 2550
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 53315
x-amz-id-2: bzJVrCxgSlgQM9nUfmg4Mrz6AyMPvS+BwG/qVY775/jGzBQeb8nsp5ZWwqr4MMsPwaRoKoUL3iw=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 31 Aug 2023 08:35:29 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473520.708828,VS0,VE2
etag: "2baa1802b17f7f8c4cf60b0fbd67b5eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20230830-8-RELEASE.js Show response
cdn.taboola.com/libtrc/ 804 KB
167 KB 993ms
993ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nQoRCjjgoLejsC0U4vBbL4Rqsc0Bty61
content-encoding: br
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:40 GMT
x-amz-request-id: 25NCCF2SSY4MV7KK
age: 28575
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170365
x-amz-id-2: mFMhg8rQ3cJ8vAxNqYxPhcriAYGLml+ucbCTWTS1sSWo4nBGpl+CsLtTuxgqETBBULTY9/kk4YU=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 09:22:24 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473520.460158,VS0,VE0
etag: "50babf3d0729c17439bdc90bc5fbaeee"
vary: Accept-Encoding
content-type: application/javascript
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 67417

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 2689ms
450ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:42 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1693473522.dop216.fr8.t,1693473522.cds163.fr8.hn,1693473522.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET 839410b212d1f93ec3a336b6315565c5.jpg
static.bg3.co/imgs/202111/ 0
0

GET 8374bc0a0fa58eb329f967fb245a4ba3.jpg
static.bg3.co/imgs/202107/ 0
0

GET a73c60d30679b99c147373354205f7ec.jpg
static.bg3.co/imgs/202105/ 0
0

GET 745e3fb7055efccd4e4eb6fd3da4cedd.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8cc3a45c930fccf2793bd77569a59aeb.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0d4e1f637449c9d65ea8e1d409c1759a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 284a819f82851f791b23e3bd7a5acd2f.jpg
static.bg3.co/imgs/202109/ 0
0

GET e1e78300f57875ba2a5f29b640d0f232.jpg
static.bg3.co/imgs/202109/ 0
0

GET 4322a704218626eb902c84ef43eab2d1.jpg
static.bg3.co/imgs/202106/ 0
0

GET 67ab0136dd680e9e5040eb662d15a28c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 528fbee0dbfc6071b505660675b78c9e.jpg
static.bg3.co/imgs/202109/ 0
0

GET 8618be86cc5ca60deb2ac6bd5c93fd14.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3bcc37d1b43783c4b56db91ed0990370.jpg
static.bg3.co/imgs/202105/ 0
0

GET b3ae9470a29e08249ac1109275cb7f23.jpg
static.bg3.co/imgs/202105/ 0
0

GET a5e3dac05d9a2cbe0ccccfd09560b0d1.jpg
static.bg3.co/imgs/202105/ 0
0

GET afe874d9ae92480a6703ebe585c32b8b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 11acb8fade9b54e39cec1c3df3d492fc.jpg
static.bg3.co/imgs/202105/ 0
0

GET fe41fb9302358a058cadeeddafef5970.jpg
static.bg3.co/imgs/202109/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 8 KB
3 KB 1917ms
382ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:09 GMT
age: 132399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "81fe35e806c986f9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:09 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 82 KB
23 KB 1920ms
385ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:09 GMT
age: 132399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23145
x-xss-protection: 0
server: sffe
etag: "1e24d49ff16f97fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:09 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 4 KB
867 B 2483ms
454ms Fetch
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0145343f785d8e0f2347a5e8dc6db6a6e3fb421be5a1da5cdb09892ea4dab942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 520
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 12 KB
5 KB 1914ms
380ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:09 GMT
age: 132399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "256c2c03e8e2f982"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:09 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 390ms
390ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:47 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1693473527.dop216.fr8.t,1693473527.cds163.fr8.hn,1693473527.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 1905ms
374ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 209534
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 66 KB
17 KB 1014ms
1006ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A18%3A41.636&lti=deflated&data=%7B%22id%22%3A188%2C%22ii%22%3A%22%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693470926873%2C%22vi%22%3A1693473521632%2C%22cv%22%3A%2220230830-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22vpi%22%3A%22%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3171%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1255.046875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef59974d981107d4742ec62c18eb7398996371d7cc8812cb1cc3dd4ebf3a0313

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 392
date: Thu, 31 Aug 2023 09:18:42 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64365
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230073-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693473522.830187,VS0,VE392
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bg3.json Show response
cdn.unibotscdn.com/clientdata/ 19 KB
2 KB 2261ms
375ms Fetch
application/json 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:43 GMT
content-encoding: gzip
cdn-edgestorageid: 1078
cdn-storageserver: DE-677
cdn-cachedat: 08/01/2023 11:49:47
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:47:20 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 652
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 009bf2f3a50c98f5b2091b2baaecbb85
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 taboola-vignette-new-scanning.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 376ms
375ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abfec734afd0878ea18f70b04db5c601612da43ecb3d70b537d7d9082631a377

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MLzmex.1iKyep_dPKZ4ZvD4ijtEKYXHU
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:47 GMT
x-amz-request-id: W28070ARV7X9XZA4
age: 68405
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: eygrmfmcjGJfb6pW5Lbw+k9GpC0g9JjScVCIT36WU19nYOEntgjenA1B37MOyCxBZRj3VrokiNQ=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473527.490417,VS0,VE0
etag: "400467030a087bc786ea654865665aa1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9035

GET
H2 200 distance-from-article.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 374ms
374ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PP74Po8ErbWVWGPZF_9scPME5hTr65zy
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:47 GMT
x-amz-request-id: RCJWQPDHE6NCA0KE
age: 68443
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: yjl+wBMqEg09jDUKc6GAdxK7Qe/IG1Clo7CVk4SIohzZk4DMN94m8I9lsQ+rb6ujbMqdR/CfDnQ=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:05 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473527.490426,VS0,VE0
etag: "cb56702a02ebfe9bffe0f6bfde907156"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 19
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 128777

GET
H2 200 article-detection.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 392ms
392ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XNPdJ8nNek2Y6AGVxG_1JxfCfBkX779J
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:47 GMT
x-amz-request-id: F5N2M0Z34S4ZVF7C
age: 68450
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: C3aZ6i78Rbqfll0jpiKSQfB3iTRbevHdQLHt2l/cDigRDuAIGU1ZiIXsOG1gX3+HcejOHAH6Rdo=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:17:58 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473528.517507,VS0,VE0
etag: "9309f5009e44992979130292dc6600a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 128759

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.7/ 125 KB
36 KB 383ms
382ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f5c6e1abf8d3d9a30e2ae804208b24e57fa5de96856eb8a9b8f61312e9f914

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:47 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 87147
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 35909
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 09:06:10 GMT
server: AmazonS3
x-timer: S1693473528.868471,VS0,VE0
etag: "f239c302054dd1e219afc4ce8e59a8ac"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZOgvNeoLBuY2mNqTZdheLcV0W8ryx1lplzTiFabBZarw8oEmG0cdeA==
x-cache-hits: 2055

GET
H2 200 feed-card-placeholder.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 545ms
545ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fu7psKwfg6tEWSWtETgYSO2b5Drv9cIw
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:47 GMT
x-amz-request-id: HYNFNSHZK4DTWYPK
age: 68438
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: AjiOmOAv3belJqco+HHhf58SdbUzEzX+7MWrKi8CEKopXbHCIjeOXCMS9yEhw68kvM1fRANoXaE=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:10 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473528.868469,VS0,VE0
etag: "1dd6db2f4613383b1b8ff9ac985bfeb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 117340

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 530ms
530ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:47 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
age: 18
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473528.889060,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 9
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 28

GET
H2 200 userx.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 369ms
369ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 46MFPVpusEXubZu8LOUmxBi_ATP_T9Zf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:48 GMT
x-amz-request-id: 2CY3PK2TEXJE5GY3
age: 68402
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: MUPA5RnbxEDy9a2MndKOdLdJAImZaFzpQRLY2uRhaWg4b6KkXDGzJmmbJjdq7HBjcN9iviJkzz0=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473528.179991,VS0,VE0
etag: "84d9ce4f7b76fbbaa632ca2007cfbd42"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35320

GET
H2 200 explore-more.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 368ms
368ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68ee52ae7b3d20de9a27d768256641866d450ec7c6d4dedc54a0efd7f2c957e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x.uHtlXNCyyngZfRw8M9nAXG3ar_i9PE
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:48 GMT
x-amz-request-id: J93X4XM7RA5Y3KYB
age: 68440
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: jWKy0pD2J1yIlZ0qnZA5MkGYpipaCEkqHfNaklXl65Pqc4Ibyqn42trK3xDOmc6TyiNh6Xqv4rI=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473528.418961,VS0,VE0
etag: "efa9a271c5ab9dcb402e2b46552d37b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 61498

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1760ms
465ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=76d2f5aee3e130a4def571e1daa3b7b5&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473521_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693473522668%7D&tim=11%3A18%3A42.669&id=4027&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1761ms
467ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=76d2f5aee3e130a4def571e1daa3b7b5&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473521_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693473522683%7D&tim=11%3A18%3A42.683&id=8066&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1627ms
466ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&lti=deflated&ri=76d2f5aee3e130a4def571e1daa3b7b5&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473521_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A18%3A42.715&id=360&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 695ms
465ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A42.718&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6199&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88283

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 694ms
464ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A42.719&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1194&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88283

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 1183ms
1182ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A42.728&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7539&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86610

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 1183ms
1183ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A42.730&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3725&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86610

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 1185ms
1184ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A42.735&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1644&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86610

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 19 KB
6 KB 663ms
663ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A18%3A42.743&route=AM:IL:V&tvi2=5906&lti=deflated&data=%7B%22id%22%3A768%2C%22ii%22%3A%22%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473521_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%22bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071%22%2C%22uifp%22%3A%22bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071%22%2C%22lbt%22%3A1693470926873%2C%22vi%22%3A1693473521632%2C%22cv%22%3A%2220230830-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22vpi%22%3A%22%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4237%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1255.046875%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1521a7ff195d7ae07764fabbb7331529047213a760c276b5c9eaf611f31c2e7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 295
date: Thu, 31 Aug 2023 09:18:43 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64697
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230073-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693473523.932782,VS0,VE295
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 110 KB
111 KB 1585ms
1566ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c903998f98922c65b42efe9f5b3daf281a94ffd5c8633ab1d49001cdb11cce4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 495
date: Thu, 31 Aug 2023 09:18:50 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age: 2476903
edge-cache-tag: 399188960726298103335710303397794594010,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 399188960726298103335710303397794594010,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 303
expiration: expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 112946
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100099-IAD, cache-sna10724-LGB, cache-iad-kcgs7200021-IAD, cache-fra-eddf8230073-FRA
last-modified: Wed, 12 Jul 2023 08:36:47 GMT
server: nginx
x-timer: S1693473530.293564,VS0,VE495
etag: "7045c07b5ea463fb33744920e816db98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 0, 0

GET
H2 200 3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
63 KB 1177ms
1158ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 089193c5def6ea660c36eb5facb28fab307bd87dba4dce136ed049ca16a0012d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 31 Aug 2023 09:18:50 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age: 2405670
edge-cache-tag: 399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 343
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://jvpnews.com/
content-length: 63466
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200035-IAD, cache-iad-kiad7000077-IAD, cache-chi-klot8100112-CHI, cache-iad-kiad7000105-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 10 Jul 2023 18:00:30 GMT
server: nginx
x-timer: S1693473530.293569,VS0,VE2
etag: "c317022981eae96b91711fdcc49e9a20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 2a98ab7ff8164a733795e04c11855458.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 1259ms
1258ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a331008b5c48a765021d8719974756979333876f5efc9a7a65d9589bf9a564ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:51 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
age: 2609759
edge-cache-tag: 570505452571089158789494023227819054081,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570505452571089158789494023227819054081,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 766
expiration: expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.falstaff.com/
content-length: 11678
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kiad7000080-IAD, cache-sna10727-LGB, cache-iad-kcgs7200104-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 24 Jul 2023 14:57:23 GMT
server: nginx
x-timer: S1693473531.376250,VS0,VE1
etag: "d041aac173a7e627f79b4f01db375a20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 17, 1

GET
H2 200 5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 22 KB
23 KB 1260ms
1259ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cabd95e9c7b16f60a9faa683088a5e20ae86467859920e87057fae02d0a30836

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:51 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
age: 1726026
edge-cache-tag: 360198782097738407077207483680462328696,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 360198782097738407077207483680462328696,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 87
expiration: expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fizzlefakten.de/
content-length: 22882
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000124-IAD, cache-iad-kiad7000021-IAD, cache-lga21954-LGA, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 28 Jul 2023 23:25:31 GMT
server: nginx
x-timer: S1693473531.375277,VS0,VE1
etag: "f813b235cc1ae4de578c5bd4e5b77ab8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 125, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
36 KB 1259ms
1259ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:51 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 3269411
edge-cache-tag: 486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 315
expiration: expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 35954
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000071-IAD, cache-iad-kjyo7100118-IAD, cache-sna10735-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230073-FRA
last-modified: Sat, 15 Jul 2023 22:28:28 GMT
server: nginx
x-timer: S1693473531.375258,VS0,VE1
etag: "f9d7aab2dcdde7833ec39551e6347199"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 25, 1

GET
H2 200 3c4c5774-bde4-4815-9c3b-462f1472aa22__6sE1iGJl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 27 KB
28 KB 1103ms
1103ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/3c4c5774-bde4-4815-9c3b-462f1472aa22__6sE1iGJl.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: df65cadd4452d3c90851c111d9b58a14405bd274e09db53c8becc63ee40289d0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:51 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/3c4c5774-bde4-4815-9c3b-462f1472aa22__6sE1iGJl.jpg
age: 514496
edge-cache-tag: 444501167326313404429188714305631795606,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 444501167326313404429188714305631795606,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 520
req-referer: https://www.tippsundtricks.co/
content-length: 28030
x-request-id: 7847bebc9b784b8cbaf15a5323d36f94
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kcgs7200157-IAD, cache-sna10731-LGB, cache-iad-kiad7000031-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 25 Aug 2023 07:08:52 GMT
server: nginx
x-timer: S1693473532.763257,VS0,VE1
etag: "8ef39efcca9eab518775992d10cfbcb0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 111, 1

GET
H2 200 220da1e85b068392f196058122b0753c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
33 KB 1363ms
1362ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/220da1e85b068392f196058122b0753c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3104f2999c906302457fed73c67b857b108ef3aff79920720122ad435994db74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:51 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/220da1e85b068392f196058122b0753c.jpeg
age: 1992214
edge-cache-tag: 628620858344065057197150478538035464395,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628620858344065057197150478538035464395,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 188
expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://topmundodospets.com/seu-pet-fica-sozinho-aposte-em-brinquedos/
content-length: 32360
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200084-IAD, cache-iad-kiad7000126-IAD, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230073-FRA
last-modified: Thu, 20 Jul 2023 12:25:06 GMT
server: nginx
x-timer: S1693473532.787650,VS0,VE1
etag: "781350b13c7ef5e1e88da54b6fbd8c34"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 11, 1

GET
H2 200 3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 714ms
713ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f052a9a5963bfadca448a34f04e1e607b43fc84993033b8467507108476d7069

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 31 Aug 2023 09:18:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age: 2354904
edge-cache-tag: 399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 807
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.rnada.com/
content-length: 78008
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kiad7000056-IAD, cache-lax10645-LGB, cache-iad-kiad7000055-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 10 Jul 2023 18:10:16 GMT
server: nginx
x-timer: S1693473532.466985,VS0,VE2
etag: "78dafeacc64b6b97989b38b48c90a6b1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 0, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
43 KB 1074ms
1074ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 31 Aug 2023 09:18:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 5586045
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 219
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 42778
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21950-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230073-FRA
last-modified: Thu, 15 Jun 2023 08:18:42 GMT
server: nginx
x-timer: S1693473533.647959,VS0,VE0
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1216, 2

GET
H2 200 2a98ab7ff8164a733795e04c11855458.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 1140ms
1140ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56f21526a59690214e359621dcae86126d154d27d33c8b1644af2a78c45f12bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
age: 3264790
edge-cache-tag: 570505452571089158789494023227819054081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570505452571089158789494023227819054081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 309
req-referer: https://www.tag24.de/
content-length: 27530
x-request-id: ac06423d7a5787fa9ba79400d9a7d15b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100162-IAD, cache-sna10750-LGB, cache-iad-kcgs7200177-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 17 Jul 2023 20:15:22 GMT
server: nginx
x-timer: S1693473533.805460,VS0,VE1
etag: "67aaaf6857baec89e0625aa6961f2afb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 4, 1

GET
H2 200 5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 65 KB
66 KB 1122ms
1121ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e74c732b00eae493621cd75b24905addd39435b2668c69c662e6666a98279dc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5f5595a8-c720-42ce-aa2e-0b9c7b7967f2__0DZz79tp.jpg
age: 784672
edge-cache-tag: 360198782097738407077207483680462328696,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 360198782097738407077207483680462328696,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 395
expiration: expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 66310
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kiad7000077-IAD, cache-iad-kcgs7200105-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 28 Jul 2023 23:03:38 GMT
server: nginx
x-timer: S1693473533.866173,VS0,VE1
etag: "4e7370f39edac9389bcd9d49c75a1db4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 21, 1

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 40 KB
10 KB 371ms
370ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:46 GMT
age: 132365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10348
x-xss-protection: 0
server: sffe
etag: "279670ab552e383b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:46 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 373ms
371ms Image
image/jpeg 23.50.131.70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1693473523280
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-70.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:51 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Thu, 31 Aug 2023 10:18:51 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
645 B 378ms
378ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10456
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrOcP7duyyMwBpGSIkKnFVRWNA%2BVmnhgnL4uhzWLDowyAr1NQpYdtEWKEkkEnBxVMGFD279HmSnirMAxHhfS%2FPJb7CXLBM4fwMvRzUj4%2FXjKpSyzAbvNRYQwYd%2FHUOInuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ff4301258e9035a-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 2243ms
471ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 96df991cd01e45c69647b1631217419decb417c3949037b76c96df443276a07e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 2228ms
466ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 96df991cd01e45c69647b1631217419decb417c3949037b76c96df443276a07e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 1820ms
532ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5147252987510813&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 1821ms
535ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9052621762243027&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:45 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 472ms
470ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A43.431&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=5412&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 90824

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 436ms
436ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1693473523456%7D&tim=11%3A18%3A43.456&id=2996&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 894bd180d972f7a2290c40e4094bb42c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 85 KB
86 KB 1445ms
1445ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/894bd180d972f7a2290c40e4094bb42c.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3652b3f625e83250b93bee91eb474f1a6dbee1d2c8519331ab48f42e72c1c750

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/894bd180d972f7a2290c40e4094bb42c.jpg
age: 2318271
edge-cache-tag: 605917416613022259179244643513855005114,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605917416613022259179244643513855005114,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 168
req-referer: https://www.balkanweb.com/
content-length: 86946
x-request-id: cf5fc4792eda2218cba66f6b3d529492
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000176-IAD, cache-iad-kjyo7100175-IAD, cache-sna10730-LGB, cache-iad-kcgs7200086-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 04 Aug 2023 10:54:33 GMT
server: nginx
x-timer: S1693473533.034112,VS0,VE1
etag: "e7f1f61bc11c66048e7836302a637ad2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 9, 1

GET
H2 200 8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 1609ms
1609ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age: 2428516
edge-cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 258
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 16422
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200105-IAD, cache-iad-kjyo7100020-IAD, cache-lga21931-LGA, cache-iad-kjyo7100167-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 17 Jul 2023 12:53:47 GMT
server: nginx
x-timer: S1693473533.191888,VS0,VE1
etag: "ff39c8a01202a06ef26c0143701091ae"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1114, 1

GET
H2 200 2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
27 KB 1341ms
1341ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8382752dea1b971983eeee3c2d2059c386b0450cf813ae0b54227303c95d7213

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age: 1102921
edge-cache-tag: 495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 244
expiration: expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.timesunion.com/preview/article/The-Capital-Region-s-75-essential-restaurants-13259370.php
content-length: 27146
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kjyo7100039-IAD, cache-sna10730-LGB, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230073-FRA
last-modified: Thu, 10 Aug 2023 01:38:37 GMT
server: nginx
x-timer: S1693473534.613059,VS0,VE1
etag: "4da26575e1978428f0b62597ca689e9e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 939, 1

GET
H2 200 3730f442c65dc0a1b3d8b5cb7843ac8c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 68 KB
68 KB 1874ms
1873ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3730f442c65dc0a1b3d8b5cb7843ac8c.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 25d1b9e388b15132d728417cebe03a814f5b279a5d9a86bcc929ba43869d1f6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1406
date: Thu, 31 Aug 2023 09:18:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3730f442c65dc0a1b3d8b5cb7843ac8c.jpg
age: 0
edge-cache-tag: 474885428582683034424652223763736691525,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474885428582683034424652223763736691525,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 1041
req-referer: https://www.bg3.co/
content-length: 69148
x-request-id: 85b2d017224f55d3101b073124b90588
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000026-IAD, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230073-FRA
last-modified: Thu, 10 Aug 2023 13:19:45 GMT
server: nginx
x-timer: S1693473534.863001,VS0,VE1406
etag: "f8165670781499b229844699d3d5deb6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0

GET
H2 200 shutterstock-HOME.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/8b5kGD4/ 42 KB
42 KB 1082ms
1081ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/8b5kGD4/shutterstock-HOME.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78b1fdd347ffe6ebfb7879e01645c458583fa8a74a15533822bb76c51454c119

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 31 Aug 2023 09:18:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/8b5kGD4/shutterstock-HOME.jpg
age: 3779273
edge-cache-tag: 417267357035160283418366258387984599094,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 417267357035160283418366258387984599094,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 326
req-referer: https://www.gazzetta.it/
content-length: 42820
x-request-id: 76cfb02ae1c91484e705313b5538f6a5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kiad7000094-IAD, cache-chi-kigq8000044-CHI, cache-iad-kjyo7100095-IAD, cache-fra-eddf8230073-FRA
last-modified: Wed, 28 Jun 2023 19:10:35 GMT
server: nginx
x-timer: S1693473534.993142,VS0,VE2
etag: "3a6ad3af88859bdad259a9713c247f72"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6, 1, 14, 1

GET
H2 200 e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 983ms
982ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e361396300428cd3c7d4f259de28cd0c1b706d3fcd6a5e484efaf51a51fb87f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age: 2553379
edge-cache-tag: 371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 85
expiration: expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.com/
content-length: 26020
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kiad7000100-IAD, cache-chi-klot8100098-CHI, cache-iad-kiad7000169-IAD, cache-fra-eddf8230073-FRA
last-modified: Mon, 03 Jul 2023 06:23:41 GMT
server: nginx
x-timer: S1693473534.335999,VS0,VE1
etag: "c7e57f0ab462fea0a7b18dfc573bbc2d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 10674, 1

GET
H2 200 2488.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//staging.clickcrew.com/storage/cockpit-campaigns-builder/Car%2520Deals/TB/ 20 KB
21 KB 393ms
393ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//staging.clickcrew.com/storage/cockpit-campaigns-builder/Car%2520Deals/TB/2488.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f65d74d48304310353ee38d26c82aa0bb4486ad4c9fad45c8936ffd3f2a3cb35

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//staging.clickcrew.com/storage/cockpit-campaigns-builder/Car%2520Deals/TB/2488.png
age: 8802148
edge-cache-tag: 495906778179558752273955756021195305039,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495906778179558752273955756021195305039,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 291
expiration: expiry-date="Mon, 12 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.football-espana.net/
content-length: 20986
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kjyo7100028-IAD, cache-chi-kigq8000179-CHI, cache-iad-kcgs7200073-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 12 May 2023 08:14:37 GMT
server: nginx
x-timer: S1693473535.202806,VS0,VE1
etag: "ef422024c87340044e912fc36b833952"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 46, 1

GET
H2 200 ff4e279ec6394adca734e39c1773ddf5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
63 KB 736ms
736ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff4e279ec6394adca734e39c1773ddf5.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1711b130e81bf66aa0781b7799fdf8bf13458ab01aac68368d4815581c158c97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff4e279ec6394adca734e39c1773ddf5.png
age: 1176554
edge-cache-tag: 425332240362146354981156509830986295471,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 425332240362146354981156509830986295471,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 293
req-referer: https://www.oe24.at/
content-length: 63462
x-request-id: 3e1115aaba8e16d95c3cea87ee84b148
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100081-IAD, cache-iad-kiad7000052-IAD, cache-sna10735-LGB, cache-iad-kjyo7100055-IAD, cache-fra-eddf8230073-FRA
last-modified: Wed, 09 Aug 2023 10:28:29 GMT
server: nginx
x-timer: S1693473535.312672,VS0,VE1
etag: "8ab519f7f5ef4d2a024ac3e142cd17ba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 cb2f2b8791823561e4043db1d806293a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 58 KB
59 KB 835ms
835ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a98278eee18a1c55f00d62132063c0e52b948a725f502877160d5d15b2b46a57

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 31 Aug 2023 09:18:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
age: 1887714
edge-cache-tag: 488490386920394958419180526252434716045,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 488490386920394958419180526252434716045,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 300
expiration: expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sports.fr/
content-length: 59338
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000066-IAD, cache-iad-kiad7000114-IAD, cache-iad-kjyo7100169-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 21 Jul 2023 09:35:14 GMT
server: nginx
x-timer: S1693473535.385831,VS0,VE1
etag: "62916b5e9ca6bcff16a2699913054785"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 8, 1

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
126 B 786ms
786ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&route=AM%3AIL%3AV&lti=deflated&bulkSize=19
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 246
date: Thu, 31 Aug 2023 09:18:44 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64070
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
server: nginx
x-timer: S1693473524.094691,VS0,VE246
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bg3.js Show response
cdn.unibotscdn.com/clientdata/js/ 1 KB
1 KB 398ms
397ms Script
application/javascript 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:52 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-168
cdn-cachedat: 08/26/2023 12:01:21
cdn-pullzone: 873945
last-modified: Sat, 26 Aug 2023 12:00:46 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 660
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e9e96e-57f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: cabe2aa2491a8b6d15079d32c64bdb61
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 377ms
376ms Stylesheet
text/css 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-588
cdn-cachedat: 08/09/2023 17:49:28
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 4580cf4ba6580972c7aee5f193bdaf5c
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 379ms
379ms Stylesheet
text/css 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-164
cdn-cachedat: 08/28/2023 14:43:30
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 5643827c28d57a7ca737deea91420aeb
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 397ms
396ms Stylesheet
text/css 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-680
cdn-cachedat: 08/29/2023 14:59:51
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 4edbe26922a51852efe4baf060f3b4fd
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg3.css
cdn.unibotscdn.com/clientdata/css/ 1 KB
1 KB 540ms
540ms Stylesheet
text/css 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-storageserver: DE-167
cdn-cachedat: 08/09/2023 22:25:50
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:45:19 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64c8f04f-534"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 131027ce5a7ce37c9a09af8a7e57dc66
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 7 KB
2 KB 541ms
541ms Stylesheet
text/css 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:44 GMT
content-encoding: br
cdn-edgestorageid: 1054
cdn-storageserver: DE-662
cdn-cachedat: 08/25/2023 08:14:47
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 08:08:48 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 647
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e86190-1b06"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f0921aaed196f4057a5bd353c8cc4040
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 356 KB
123 KB 1923ms
405ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125515
x-xss-protection: 0
expires: Thu, 31 Aug 2023 09:18:54 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 1386ms
1386ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:53 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1968
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693473533.034127,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 34
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 9488

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 1062ms
1061ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:54 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 28642
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473534.415528,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 46223

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2C32 18 KB
8 KB 1904ms
414ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

90c259533ec47744d95ce3323001c1bd3dad5317528f875c73eac53352d0fe85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7893
x-xss-protection: 0
server: cafe
etag: 3726694196855522691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:46 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 586B 18 KB
8 KB 1939ms
454ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

69fe41c791cb7e9d0c0302fb9b341216ffb4915ed08ee5ac15831731f71e1bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7893
x-xss-protection: 0
server: cafe
etag: 6271390926059728646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:46 GMT

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame CF40 714 B
610 B 382ms
381ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 9252
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ff430206bc4035a-CDG
content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 09:18:45 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkJxTzHcYBoTmrBlHVF%2FJJglXxYqSy5ReAkhIT65W94YFygUa6rIAzciqZwZgs4UQedCZLb7rMWqaH90XEpDg7ImAAve1sbIw7z7tQJrYlsvs212XKilZwoTzbgxNsczXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2673
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

1567ms
369ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 09:18:48 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 31 Aug 2023 09:18:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
273 B 1732ms
460ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:56 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 614C 714 B
555 B 405ms
404ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 9252
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ff43020ac06035a-CDG
content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 09:18:45 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy5YsfyR3W8Br6zvlfAbdqcQA82gflgfB%2FaPNeElCHiTKAZhxfaKNzQAPhhN3K64iC9O6VS5SfhwwSpY3GsBpJDXqkwyRbLVmSBakLbbTW2nHlrTYNr%2BFomFgtdC1%2FrKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4717
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

1590ms
392ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 09:18:48 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 31 Aug 2023 09:18:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CF40 98 KB
29 KB 1954ms
450ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

d5b6e720c97545e44ecdffedb536648d55054637f814638246f3a455e3a36eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28843
x-xss-protection: 0
server: cafe
etag: 4 / 19600 / m202308240101 / config-hash: 511729982952978637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 614C 98 KB
28 KB 2126ms
655ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8268abf9898fd4eafea5a954babaa1771f51b1ffac7c96f507cf47359fe20102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28844
x-xss-protection: 0
server: cafe
etag: 585 / 19600 / m202308240101 / config-hash: 511729982952978637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C32 145 KB
50 KB 459ms
458ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e73480c41823ecca06aea8b2a538d9ca5baf42b598533bdc5ad9123ddf3c0169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51057
x-xss-protection: 0
server: cafe
etag: 7410580081987361638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 586B 145 KB
50 KB 525ms
522ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f49ac5f2839705797a719015b7081bc80a67faaf50be2991816fc360ab844457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51054
x-xss-protection: 0
server: cafe
etag: 2714316467392766797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:56 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 437ms
437ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A9388%7D%22%2C%22eventTime%22%3A1693473527688%7D&tim=11%3A18%3A47.689&id=9674&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 429ms
429ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22305.046875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A18%3A47.714&id=8602&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 1901ms
388ms Script
application/javascript 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:57 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1693473537445_34664209_1332250884_622_1237_133_0_146";dur=1
content-length: 122286
expires: Fri, 30 Aug 2024 09:18:57 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
563 B 1893ms
381ms Script
application/javascript 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:57 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693473537839_34664209_1332250885_18_1225_133_394_146";dur=1
content-length: 211
expires: Fri, 30 Aug 2024 09:18:57 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 1547ms
389ms Script
application/javascript 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:57 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1693473537839_34664209_1332250886_644_1315_133_0_146";dur=1
content-length: 18371
expires: Thu, 31 Aug 2023 10:18:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 444ms
444ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4d8de01595aa6326c6f86dc2006108c4c83f441d553293064491a73ddd95d2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29212
x-xss-protection: 0
server: cafe
etag: 67 / 19600 / m202308240101 / config-hash: 511729982952978637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:18:56 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 1596ms
384ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM0NzM1MjgwNDgsInBhY2tldElkIjoiMDAwMEE3MDEtMmM3YTQ5ZWUtZThhOS00NTk0LTk4YWMtMzIzZjE4MTQ4MmE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21lbmctd2VpLWVyLXpob25nLWppLXNpLWppLWRlbmctYmFuLWxpbi15dWUtcGluZy14aWFuLXFpYW5nLWppbi10aWFuLWZlbmctd2FuZy16YWktdGlhby16aGFuLXF1YW4tbmlhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=13515.20000076294
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 1450ms
385ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 730ms
387ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM0NzM1MjgxNDEsInBhY2tldElkIjoiMDAwMEE3MDEtMmM3YTQ5ZWUtZThhOS00NTk0LTk4YWMtMzIzZjE4MTQ4MmE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21lbmctd2VpLWVyLXpob25nLWppLXNpLWppLWRlbmctYmFuLWxpbi15dWUtcGluZy14aWFuLXFpYW5nLWppbi10aWFuLWZlbmctd2FuZy16YWktdGlhby16aGFuLXF1YW4tbmlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=13607.70000076294
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 729ms
386ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM0NzM1MjgxNDUsInBhY2tldElkIjoiMDAwMEE3MDEtMmM3YTQ5ZWUtZThhOS00NTk0LTk4YWMtMzIzZjE4MTQ4MmE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21lbmctd2VpLWVyLXpob25nLWppLXNpLWppLWRlbmctYmFuLWxpbi15dWUtcGluZy14aWFuLXFpYW5nLWppbi10aWFuLWZlbmctd2FuZy16YWktdGlhby16aGFuLXF1YW4tbmlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=13611.20000076294
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
308 B 731ms
388ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM0NzM1MjgxNDUsInBhY2tldElkIjoiMDAwMEE3MDEtMmM3YTQ5ZWUtZThhOS00NTk0LTk4YWMtMzIzZjE4MTQ4MmE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21lbmctd2VpLWVyLXpob25nLWppLXNpLWppLWRlbmctYmFuLWxpbi15dWUtcGluZy14aWFuLXFpYW5nLWppbi10aWFuLWZlbmctd2FuZy16YWktdGlhby16aGFuLXF1YW4tbmlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=13612
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
308 B 593ms
388ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM0NzM1MjgxNDEsInBhY2tldElkIjoiMDAwMEE3MDEtMmM3YTQ5ZWUtZThhOS00NTk0LTk4YWMtMzIzZjE4MTQ4MmE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21lbmctd2VpLWVyLXpob25nLWppLXNpLWppLWRlbmctYmFuLWxpbi15dWUtcGluZy14aWFuLXFpYW5nLWppbi10aWFuLWZlbmctd2FuZy16YWktdGlhby16aGFuLXF1YW4tbmlhbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=13615.100002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame CF40 404 KB
127 KB 379ms
378ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 17:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57746
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 29 Aug 2024 17:16:22 GMT

GET
H2 200 pubads_impl_fy2012.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame 614C 404 KB
127 KB 391ms
391ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_fy2012.js?cb=31076166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 30 Aug 2024 00:35:29 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 436ms
435ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A18%3A48.374&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5678&cv=20230830-8-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 103916

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 864D 422 B
343 B 374ms
373ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=undefined&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=792f9d33-fe51-42d0-81af-5792596a905c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9139e8b1528aefa936b8da179811e414eea46b90344c63f96705ea90103d703b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 31 Aug 2023 09:18:48 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230073-FRA
x-timer: S1693473529.686339,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F5C8 439 B
525 B 1653ms
444ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 700398807e34023d67ccd866d532b650e00a456f43e8aed5a052a3a512800594

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 31 Aug 2023 09:18:49 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
789 B 410ms
409ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693473528507&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1545&pt=614113391&tz=120&viewable=true&ddast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e8066598173ba24d95990c567552df53ad7ac5bd0fa1b0b77f34c01a18aca7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 31 Aug 2023 09:18:48 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1467
x-cache: MISS
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
server: nginx
x-timer: S1693473529.704014,VS0,VE34
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 422ms
388ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=31589837&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693473514534.1!ts:1693473528501&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:58 GMT
content-length: 0
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 2986ms
1424ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 08:10:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Aug 2023 09:18:50 GMT

GET
H2 200 spa-detector.20230830-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 397ms
391ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230830-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fe72ac12934187ba4ae8090a861fcc160c3fe0badcd70735c9067117da7b2fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dfXoEq2_SElStEoe_FUAHCLRNYXGtSGR
content-encoding: gzip
via: 1.1 varnish
date: Thu, 31 Aug 2023 09:18:58 GMT
x-amz-request-id: 3PP12MM9E491GKA0
age: 68431
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: xEiwKe9sU63mCICDEcFMpgTG5Sx2nkD1lO8kJfoSk5HHdkU6u5QApL6OlWxy6SreSUBMYmLzXoM=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 14:18:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693473539.818166,VS0,VE0
etag: "4b04319bfbc4f6b5e2df79688ffe0f0f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 63109

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 432ms
427ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A18%3A48.605&id=7162&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 433ms
427ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693473528606%7D&tim=11%3A18%3A48.606&id=1871&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 433ms
428ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A18%3A48.608&id=1778&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 433ms
428ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=5906&lti=deflated&ri=33573a7a768b718ff2a36b10c7d7df70&sd=v2_68297e4193bd0d9b6f2e800cb429d04f_bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071_1693473521_1693473522_CNawjgYQ2YJdGOD_jNekMSABKAEwKziy0A1AuogQSJOf3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&pi=/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&wi=5758478715429965679&pt=text&vi=1693473521632&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693473528610%7D&tim=11%3A18%3A48.611&id=5918&llvl=2&cv=20230830-8-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CF40 499 B
617 B 415ms
415ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3346118162791088&correlator=2050267182439165&eid=31075591&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693473528778&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jodmlasryhyy&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=490991683.1693473529&ga_sid=1693473529&ga_hid=979207178&ga_fc=false&dlt=1693473526025&idt=2732&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c8645f41116997c8bf77985ee10ffaaf515c3ca99c4bec5e115f66813cfdeb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 521A 6 KB
3 KB 2598ms
1065ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:18:51 GMT
expires: Fri, 30 Aug 2024 09:18:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 864D 70 B
264 B 2312ms
1028ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=undefined&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=792f9d33-fe51-42d0-81af-5792596a905c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 864D 43 B
426 B 2738ms
437ms Image
image/gif 54.171.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=undefined&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=792f9d33-fe51-42d0-81af-5792596a905c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.4.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-4-14.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 864D 43 B
146 B 2493ms
1090ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=undefined&cb=1693473528502&uv=3328&tms=1693473528502&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=792f9d33-fe51-42d0-81af-5792596a905c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2673 34 KB
10 KB 377ms
377ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:18:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14967
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:28:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4717 34 KB
10 KB 409ms
407ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:18:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14967
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:28:16 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_2_8/infra/ 876 KB
144 KB 392ms
392ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 67969e81d73084e8b59350139fd5c3c7116718e978c30c73aacfd0a0b2c1d301

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693386534
date: Thu, 31 Aug 2023 09:18:58 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: W4CP9E790G5GP3H0
age: 58510
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693386535
x-amz-meta-mode: 33188
content-length: 146834
x-amz-id-2: NoptK/FUceV6f42IhzbrGZQ26b23q37yS0zVKFwqMKTO1ARbZDfzgYfKT99q/LJX+1o+h12SHLA=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 30 Aug 2023 09:08:56 GMT
server: AmazonS3-br
x-timer: S1693473539.818472,VS0,VE0
etag: "f3358c33aa390907ccd8875fbcd16d64"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 6969

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_8/assets/css/ 60 KB
8 KB 371ms
371ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693386553
date: Thu, 31 Aug 2023 09:18:49 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KH489DQ5MFAPY73E
age: 86853
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693386554
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: UJSr4+ztBwdANQsM3/nMunhdDjPADWLGWCmFcI0hUevdkQEbPBtwhSNZo1YiTanyO5RR4TfneTI=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 09:09:15 GMT
server: AmazonS3-br
x-timer: S1693473529.109613,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 15377

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 614C 499 B
419 B 410ms
409ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4379852808369165&correlator=2140193129427499&eid=31076166&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693473528945&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=f6u7fm57ydpb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=161299559.1693473529&ga_sid=1693473529&ga_hid=312191896&ga_fc=false&dlt=1693473526059&idt=2870&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

20572329ec42b7f03e9731f0fbc9e45855db05527318f5b5c7d75ba18b04071f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E76 6 KB
3 KB 2635ms
406ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:18:51 GMT
expires: Fri, 30 Aug 2024 09:18:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 213 KB
56 KB 383ms
383ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:10 GMT
age: 132408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57645
x-xss-protection: 0
server: sffe
etag: "2fe8959ce43a8d1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:10 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2673 284 B
934 B 2693ms
394ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4717 284 B
921 B 2633ms
381ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
665 B 385ms
382ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 31 Aug 2023 09:19:01 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 10303
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1693473542.888347,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 8320

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F5C8 70 B
265 B 1029ms
1027ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F5C8 43 B
425 B 1457ms
438ms Image
image/gif 54.171.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.4.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-4-14.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame F5C8 0
125 B 2631ms
392ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CF40 15 KB
12 KB 424ms
424ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

83a0cbe9d9d581d9528450736999a2aeac3dbc83ac7ae9d3d5ed0d4a1b2da611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11793
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 614C 15 KB
11 KB 419ms
419ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ea1ccd556baaf93dd1ee9f13e1e6248853fdd33dc82a0415f682b57ef1b61d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11688
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 4717
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLYYEZYG-Y-EN5C
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLYYEZYG-Y-EN5C
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/988e88a8-d7e7-3a21-b705-a6e3ce35ff95?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JMB4COdE2oXxEY3CHxQfl.KUXQgfr7wET.sLOYc-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

473ms
473ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date: Thu, 31 Aug 2023 09:18:57 GMT
connection: close
content-length: 111
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CF40 17 KB
7 KB 1889ms
390ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 09:18:53 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2673
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLYYEZYL-1M-52ND
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLYYEZYL-1M-52ND
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/988e88a8-d7e7-3a21-b705-a6e3ce35ff95?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JMB4COdE2oXxEY3CHxQfl.KUXQgfr7wET.sLOYc-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

393ms
393ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date: Thu, 31 Aug 2023 09:18:57 GMT
connection: close
content-length: 111
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 614C 17 KB
6 KB 1889ms
436ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 09:18:53 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2673
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I1xNnYVPTRK0omhwHjGEkw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=I1xNnYVPTRK0omhwHjGEkw

43 B
479 B

481ms
481ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=I1xNnYVPTRK0omhwHjGEkw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:18:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TE4R2T91T987FEX53ZTF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=I1xNnYVPTRK0omhwHjGEkw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2673
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZWUVaWUwtMU0tNTJORA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECVuTI3bGwBrzWsH-S0Ms-w&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZWUVaWUwtMU0tNTJORA==&google_push=

170 B
232 B

404ms
399ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZWUVaWUwtMU0tNTJORA==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZWUVaWUwtMU0tNTJORA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2673
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OqSQv6F3TPmzJblrbRM9iA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OqSQv6F3TPmzJblrbRM9iA

43 B
479 B

480ms
480ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OqSQv6F3TPmzJblrbRM9iA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:18:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZT2B3J64AHCWQGW45RJ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OqSQv6F3TPmzJblrbRM9iA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2673
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmI9cWR91pPQs2_6GKItKg&google_cver=1

42 B
691 B

1002ms
380ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmI9cWR91pPQs2_6GKItKg&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmI9cWR91pPQs2_6GKItKg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2673
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI4NTg4MDM3Y2ZjZWIwZmFmZDBjYzliOGJhYWZjYWU1OTk4NzY1Yw

170 B
409 B

1268ms
387ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI4NTg4MDM3Y2ZjZWIwZmFmZDBjYzliOGJhYWZjYWU1OTk4NzY1Yw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:18:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI4NTg4MDM3Y2ZjZWIwZmFmZDBjYzliOGJhYWZjYWU1OTk4NzY1Yw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2673
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYYEZYL-1M-52ND

0
865 B

2011ms
491ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYYEZYL-1M-52ND
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:53 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9456439E107C4DF09BE8EC538BF55C09 Ref B: ZRHEDGE1721 Ref C: 2023-08-31T09:18:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYENIh32Q1s9C81Obbonw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYYEZYL-1M-52ND
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2673
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/zTQbBo64zNWG2ijpcRli28n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FqGdMD1E2oJoaBuZeOYfl6ozOH3uvofNjFxvgA--~A

42 B
691 B

1131ms
404ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FqGdMD1E2oJoaBuZeOYfl6ozOH3uvofNjFxvgA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 31 Aug 2023 09:18:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FqGdMD1E2oJoaBuZeOYfl6ozOH3uvofNjFxvgA--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2673 70 B
264 B 397ms
397ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:18:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 il95o8vjrn Show response
www.clarity.ms/tag/ 650 B
1019 B 2308ms
755ms Script
application/x-javascript 13.107.213.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/il95o8vjrn
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a6edd4ba91520b126f5baa9222c8fda8d08ba4c65659d50b2ab4ecd8aa310e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Thu, 31 Aug 2023 09:19:02 GMT
x-azure-ref: 0B1vwZAAAAAB6hqHgqu0rQr3MNzCKSApeWlJIRURHRTEzMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F4D 13 KB
5 KB 377ms
375ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 08:51:30 GMT
expires: Fri, 30 Aug 2024 08:51:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0575 829 B
1 KB 1937ms
405ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

f41e3d36c7e6b7a675503212266d0fd322c783f72f3daf64c6ceb4e50b444e29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QzTamxCs3Td98xpvXTuKIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-QzTamxCs3Td98xpvXTuKIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:18:55 GMT
expires: Thu, 31 Aug 2023 09:18:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DBF 13 KB
5 KB 372ms
371ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 08:51:30 GMT
expires: Fri, 30 Aug 2024 08:51:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F5FC 829 B
762 B 1791ms
408ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

7a49046f36bdc6d5ac72f61dd03d0f50c43e2587a5e20b55a5d821bc2e8bed4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l293XUMtrUdpZxntWjuTAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-l293XUMtrUdpZxntWjuTAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:18:55 GMT
expires: Thu, 31 Aug 2023 09:18:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
pips.taboola.com/ 4 B
181 B 1909ms
394ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230029-FRA
date: Thu, 31 Aug 2023 09:18:55 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F4D 38 KB
15 KB 374ms
373ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:23:53 GMT

GET
H2 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DBF 38 KB
15 KB 393ms
392ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:23:53 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 6DBF 0
40 B 394ms
393ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uVsQ4Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 0F4D 0
38 B 389ms
388ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c2e2iA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:18:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 524 KB
161 KB 372ms
372ms Script
application/javascript 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:02 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-storageserver: DE-570
cdn-cachedat: 07/06/2023 22:30:42
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:19 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 340
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf623-830a3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 99d82637836e0c1ea9171aa6239432bd
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 614C 0
0 663ms
662ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=4379852808369165&bg=!GBulG1TNAAYHwnCgJ8I7ADQBe5WfODFQwCGuV7X2nYg2xFOe4mUNQTea9rpAxf-e3KXZ211FqB80cpfz-rf86nO2_xKsAgAAAJBSAAAACGgBB5kCyNzosbuYGHZOC9k7XjTMR7hD2Si-CqFlq5SgunN6w4QgKk630zVUJKWhxQyFH17NksA4TAtHO4bouugZDeKSEDcYnMEyanj3mdlARZ3HiMOLU7Jy39WS9XlQOAf83caxEctu6h3VAX9JDso6dH-gyk1WDOmzN7AFf_xtZcu7N8PbRHc1TvNZ56ic-8-tRa0oTd6cPhjZw8KVT3imjHlX3oCSffp7TdFjnyqU_THf1WUh00laWvmOIBM1sdCYXAAJR1Kdb56TE1kwChXNf-OpGm8UhxrKXkjVZH5z3vI29bkOKUwNGE7rxB3UbKwietl4QJ_xsuC6aFwOM8XHvoEVn11utIj5QtgkD_vTZXVfksBJgmMNx9FsXxjHKQMo6GWKg2eH3XXJKBt5vpPBN1h1lhsFjQHTOcCOzTkoOWFO5IXJ2EUvvfVKpGAzlXi6enIj3zz-Khc1zbJrt24ceZnFB_Gi3JYnHOLUYVLeJxE4XOd-g-eSE5JvZAuNxU0pv4YmeHd8vmRZHiC-FUEG0tMZm4Ub7TbhST-KXRutuLJG5HxNgvA7vERSHG5xVtMzire1U_C6YZsl_H1ASpCLJUYqCL1en9FFC4sSqX6tGkZbITmGJ0SbMx6fkzuDuGpyY28fiNnC0o8SXfK0MKRtERgKTQPEBN4qrspKQQtYJtBhXqf64M-WZrwiLK-mfdp943WHHVbp1RP3AcsK4XLIUsZE79WCfvXJI4kqW0QDkt4RDtinwsyrXtAbxTKPnfdpi2t-8IK9_gcWHTbVQS6tuW6P-I29kxPWsNHqK0J0rrWCZnj6BAypB9e-GFVZUTgHzA4LThGv2EvZSYRSV-VQ95Wh5S92JYhhxahKeLm4dEHWvAhvL0qIXhKi4eipcEMOmC6qGuJATv6STxqwR5bdz59Jp8hF5gNpwjpSGAK8AFkSexmsb91Yt2nb4I0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF40 0
0 661ms
661ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3346118162791088&bg=!19Sl1JvNAAYHwnCgJ8I7ADQBe5WfOElAN-0shrvHfPmOW1IqGZ1sWdaRTj20d8A8CnrQ3e7PIJV_uze8iE8KEpnIREdGAgAAAK5SAAAADWgBB5kC2R4ohtSwgftYgJb4zc-Xw1JT41Mtw9uxJjb7vth1ecxQ_L6a1_nwENYqfyvkJZP68UgVqTiWB_Xg3YO0vfkgtffNWdLkrS5hZnPRKDZJy8ni6Io0U6_UVz3QUWqQ09z5iAG9H6uHnknWGbN4QzeJQncNU2BSEllHXbC41rJVyz6ZwiZiJEaHzMEOh8iUNPpieYQGahzZKNdAAPbLDO0liif_OlmfP2FZ5sMLeF-tDJivLoIlsJPhJxlRXGeAfxR-O4ET_s7eupC7W3QBuOxOYkbBD5Bo9megDKnZtGU4V90xD5X80PTR5ccmzAPGMbtcmP8x_aUfuffSMWtvx8c8PhQ49jbiyar7s8nRaF1wN0IWTSsilFOgth5JA8nxW8kpcnAZqMMCRpfhw4y-B2Yz3Ic-aKQBUyPhC7P5HTmSymigPamelmBoymGFw4VeipklB8igbptIMjwnKXo_K3Yjc_izXtPfUqWyfnRnF33U7JO25BkQcaWJqhNvjpmQL1CA5ge3ez_hJk47uunDDwI5lOvsjGaN0tysAJ_HfA7klyDQo7-kBDM2KzRZJcyf8ogidLskmr9PGJsfmalc8gXlfC8estA_c5yeheWlCPN65VII0Mytw0lL1vZrDrwylGVTLtlLngmw4BYrCHoglsMFwdDpYo-nHKTK-P-pHyDlJN-1pKpgqfFd5hoVPKt10zF8VOOt9y3wEiODR8_JdsknPfA5-C9bdAtsA85DfJ9pj_6q1bPpV6Qbb4WPGvVqKy8pc8KzsKZJySw-BwyPEaPOPIEP0RpUJjquHZOLc_mADBe3BLs-0YdpuvipJqH8Y5c7LSuxPlKt1o1yu0ur0eYSmudfz1lszrjds4Ki1a8WrnZgHYen7rE5PO9lj7cyJBt0nSx07gVn9B6-BZtu7rCnJVLntbAN5Y8biTeHZBJr7TeMnSWmMs51oyozdFKNMyGwnQVz6I8fVSrtnw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0575 0
0 488ms
487ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3346118162791088&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F5FC 0
0 490ms
490ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=4379852808369165&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 1751ms
452ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 31 Aug 2023 09:18:57 GMT
cache-control: no-store
server: nginx

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ Frame 2C32 384 KB
130 KB 444ms
443ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0b33f89610cacd7b17f7b6c16429d0505babf974a31f0a2d6ea8b5b155a06839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133240
x-xss-protection: 0
server: cafe
etag: 12051653964863814819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/ Frame 1470 10 KB
5 KB 1877ms
379ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 08:56:35 GMT
etag: 9878862242593084568
expires: Thu, 14 Sep 2023 08:56:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ Frame 586B 384 KB
130 KB 2812ms
2812ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aad554e0e63664eff8feadcbf4df49f1395f2384b39124565a7d5dbf1707a0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133249
x-xss-protection: 0
server: cafe
etag: 147679263551020920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 409ms
409ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 17:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57760
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 29 Aug 2024 17:16:22 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 2213ms
419ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Sep 2023 09:19:04 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 2593ms
419ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230831

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19089
x-jsd-version: 1.0.1798
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4538-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"639-rr6+Inso7vLfgcaPzGHI9pMLd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9HTdtSYDSPe5qSTOysjGWTZrZ5eFtL6DNZzHbPjxmops1uK8f0ORpnkTfKrhT5u6A5B9z5rNFtj9rYqs%2BJE4PjnKx%2FErZxtfHM69m3s%2Bg%2B2cBh0JvydhTYAjHxqekNlvwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ff4307f7faf23c7-ZRH

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
468 B 1998ms
384ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 278406806e3d6a685b7dac3de1803f49436036df9a554941230e761cacb7ff2b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.127.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 36 KB
26 KB 2686ms
753ms XHR
application/json 3.73.155.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.155.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-155-121.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 70f067358a51ef0da52680706e94b7cd6664860dee7b11c1b5a22d9080de8289

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 31 Aug 2023 09:19:01 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 25997

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
771 B 1625ms
407ms XHR
application/json 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9889
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:00 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 2697ms
529ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=8435087234&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 31 Aug 2023 09:19:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 1605ms
390ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 31 Aug 2023 09:18:59 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 25 KB
11 KB 1714ms
525ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30df5452099ba89a1d482e1bf5ec270b2ef9e9852a6a6e23cc69e9ace0fc2be5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbEuivmsl8R8nv5aLUYgR3f%2B0kV%2B7Lpe9FPIkBTwEACwTpgVkpSAW6Op23hKB0imf5k%2Flh%2BtFPChRyzW0Q%2FTFLWoAFeS0SJ%2Fg%2BOEUeBzSa%2FcM168D%2BnxGrau487axHBZAQBkvgSk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ff430796aea0204-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
309 B 1781ms
592ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38256684e4b933c4be91510ff4e2dc2684db9d87672ebca41cfc643476e44925

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvK17DqeL75b1KT2mTLOuDbuN2YfI%2FiVhUuQFuyISkXvUzn50CKGd0xPQuLztgZZJnkwrf%2BZ98C70eGAZGbCKdmCCjxI75aZawqxv0CBy5qeI1sS5Ey%2FmVdfZhDswmXgNU5dnAAz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ff430796aef0204-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
549 B 1616ms
427ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38256684e4b933c4be91510ff4e2dc2684db9d87672ebca41cfc643476e44925

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwdEZKUT18vLYN%2BnNdKqKHlHYn%2B2QJJigFH5fqnhO%2FZddIvnrg3I16zP%2FCib65zOzysD3L%2Bb6UuJCgdbUlNVukfClnuckW1g9CGKG%2FYb%2FY7NG459QZ3tJoJCWf1Czwa5yVfTohCZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ff430796aed0204-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 1596ms
400ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 1636ms
438ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7ff430799d7f2a64-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 1634ms
437ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7ff430799d832a64-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 1743ms
558ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 78533426bec4ef502ec4a64ad70e199d063450271f55643de9c7252ce4ccab9c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:00 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 1557ms
372ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 31 Aug 2023 09:19:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 1557ms
373ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 31 Aug 2023 09:19:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
700 B 1782ms
575ms XHR
application/json 18.159.76.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.76.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-76-58.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 249 B
808 B 1617ms
398ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ad21b5e68c45279b8ddc343c223f3e69e6fb03b45ad70f7f1f67a350ccf905fe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
an-x-request-uuid: b9fca778-911b-4828-af2b-f50cd349e35c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 249
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 1789ms
585ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 31 Aug 2023 09:19:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
454 B 1605ms
411ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:18:59 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 11
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 1709ms
525ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 990d600194e6659456d392416e921c0ef77b1f792d62e6705d4fe258c8a95375

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:00 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 31 Aug 2023 09:19:00 GMT

GET
H2 404 L2EvbWVuZy13ZWktZXItemhvbmctamktc2ktamktZGVuZy1iYW4tbGluLXl1ZS1waW5nLXhpYW4tcWlhbmctamluLXRpYW4tZmVuZy13YW5nLXphaS10aWFvLXpoYW4tcXVhbi1uaWFuLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 880ms
880ms XHR
text/html 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbWVuZy13ZWktZXItemhvbmctamktc2ktamktZGVuZy1iYW4tbGluLXl1ZS1waW5nLXhpYW4tcWlhbmctamluLXRpYW4tZmVuZy13YW5nLXphaS10aWFvLXpoYW4tcXVhbi1uaWFuLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Thu, 31 Aug 2023 09:18:59 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=99, ak_p; desc="1693473539800_34664209_1332258063_10494_1220_21_0_219";dur=1
content-length: 555
expires: Thu, 31 Aug 2023 10:18:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 2237ms
442ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

b0f3c78774951e4d0cf8123286c72c1446edf839405542bf5b4bd5a00820f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 09:19:04 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 2099ms
489ms Fetch
application/json 3.233.146.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-67.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Aug 2023 09:19:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308181609000/v0/ 110 KB
32 KB 404ms
404ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:07 GMT
age: 132415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32193
x-xss-protection: 0
server: sffe
etag: "473971c650298c2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:07 GMT

GET
H2 200 nameframe.html
d-21189372231412333876.ampproject.net/2308181609000/ 0
0 2004ms
476ms Other
text/html 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-21189372231412333876.ampproject.net/2308181609000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 430ms
429ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:02 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1248411
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1693473543.978008,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 194919

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.5/ 448 KB
85 KB 376ms
376ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ef7e0e0f5607be19e1435d5c2a116506def82a9e801a9eb4ebc6b6b6d97202cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1693386434
date: Thu, 31 Aug 2023 09:19:06 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: JSZPT86M0E8D2ZQZ
age: 87053
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1693386448
x-amz-meta-mode: 33188
content-length: 86206
x-amz-id-2: AfzRpS2aMtAGhIna3wqcpMb8XOXuPEiHgEchXlf1F/b4AOrsOj+IC4eHg0dQvUdYaHE3g/1kASw=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 30 Aug 2023 09:07:29 GMT
server: AmazonS3-br
x-timer: S1693473546.328236,VS0,VE0
etag: "0043a8c66bf3bdb891bdd77cc16f821f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 14691

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 60BF 439 B
524 B 374ms
371ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 700398807e34023d67ccd866d532b650e00a456f43e8aed5a052a3a512800594

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 31 Aug 2023 09:19:00 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 392ms
391ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&cmcv=&pix=31579697&cb=1693473540576&uv=3328&tms=1693473540576&su=3&abt=nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 560ms
553ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 31 Aug 2023 09:19:06 GMT
via: 1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FCO50-P1
age: 2071835
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1693473547.814897,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits: 740289

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A215 603 B
112 B 775ms
775ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-892391627799815566&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3071&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=66001663&ga_cid=amp-kqzI-cVdnMoGGCtSj66XoQ&ga_hid=1663&dt=1693473540632&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&bdt=22330&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 60BF 70 B
264 B 410ms
409ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 60BF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/bd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2TRc6JBE2oRQTIHc5HP9A2niIbq44vg5LC9dyw--~A

0
98 B

471ms
407ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2TRc6JBE2oRQTIHc5HP9A2niIbq44vg5LC9dyw--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43670

Redirect headers

date: Thu, 31 Aug 2023 09:19:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2TRc6JBE2oRQTIHc5HP9A2niIbq44vg5LC9dyw--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 60BF 0
38 B 407ms
407ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
308 B 393ms
392ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tZW5nLXdlaS1lci16aG9uZy1qaS1zaS1qaS1kZW5nLWJhbi1saW4teXVlLXBpbmcteGlhbi1xaWFuZy1qaW4tdGlhbi1mZW5nLXdhbmctemFpLXRpYW8temhhbi1xdWFuLW5pYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTJjN2E0OWVlLWU4YTktNDU5NC05OGFjLTMyM2YxODE0ODJhNyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3NWVjNzIxZC0zMTMzLTQ3MGEtOWQzNC0xMzRjNjE4YWEyYzAiLCJ0aW1lT2ZBdWN0aW9uIjoxNjkzNDczNTM4NjcyLCJiaWRzIjpbeyJjcG0iOjAuMDE5OTk5OTk5OTk5OTk5OTk3LCJhZElkIjoiNzUwMjcwNTYyNDU1OGQiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTc4OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM0NzM1NDA0ODF9LHsiY3BtIjowLjAyMTU5NDUwMDAwMDAwMDAwMywiYWRJZCI6Ijc4YWJiZGM1ZjI1MGQ1MyIsIm9yaWdpbmFsQ3BtIjowLjAzNzE3LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMzE1OTQ1MDAwMDAwMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjI2OTAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzNDczNTQxMzc2fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc4YWJiZGM1ZjI1MGQ1MyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMzE1OTQ1MDAwMDAwMDAwMDR9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6Ijc1ZWM3MjFkLTMxMzMtNDcwYS05ZDM0LTEzNGM2MThhYTJjMCIsInRpbWVPZkF1Y3Rpb24iOjE2OTM0NzM1Mzg2NzIsImJpZHMiOlt7ImNwbSI6MC4wMTk5OTk5OTk5OTk5OTk5OTcsImFkSWQiOiI3NjkzM2I4NDI3YTQzMGEiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTc5MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTM0NzM1NDA0ODN9LHsiY3BtIjowLjAyMTU5NDUwMDAwMDAwMDAwMywiYWRJZCI6Ijc3NTljMWM3ZDA5N2RlYSIsIm9yaWdpbmFsQ3BtIjowLjAzNzE3LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMzE1OTQ1MDAwMDAwMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjI2OTAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzNDczNTQxMzc2fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc3NTljMWM3ZDA5N2RlYSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMzE1OTQ1MDAwMDAwMDAwMDR9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=27151.60000228882
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET publishertag.prebid.135.js
static.criteo.net/js/ld/ 0
0

GET
H2 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 2 KB
968 B 402ms
399ms Fetch
application/json 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:04 GMT
age: 132419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "0fc0eb4a65ca6481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:04 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 2409ms
415ms Fetch
application/json 172.64.102.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57999
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 30 Aug 2023 17:12:26 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQfdc1oglRgfA0M88VB2p10SVsmCYc%2B5vAd1pzDgm2es1NGHtPQV2iiDCZ%2B%2FQjRZD3MaBoCwjIIa0rsDd2svxV6aO0eXFlnxQ8Tdd%2BZYSuJXMJ7thxwu3zHqVdEMPs3MCReZQMFd%2FSWkFoPJ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ff430985fb43a7c-FRA

GET
H2 200 gtag.json Show response
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 3 KB
1 KB 398ms
398ms Fetch
application/json 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 20:32:10 GMT
age: 132413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d9a6653d564716b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 20:32:10 GMT

GET uid2SecureSignal.js
cdn.prod.uidapi.com/ 0
0

GET esp.js
cdn.id5-sync.com/api/1.0/ 0
0

GET pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 0
0

GET publishertag.ids.js
static.criteo.net/js/ld/ 0
0

GET esp.js
oa.openxcdn.net/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 130 KB
48 KB 868ms
867ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3464037791358720&correlator=2216926689630551&eid=31076474%2C31068366&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693473543163&lmt=1693466343&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=373335609.1693473543&ga_sid=1693473543&ga_hid=1663&ga_fc=false&ga_cid=amp-kqzI-cVdnMoGGCtSj66XoQ&dlt=1693473518302&idt=24830&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0_pv%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv4_e%26faid%3Dfalse&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0d65cc74893d397908ad09161a3e9f5d716cc4b13d7706b056d0298912958256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48762
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
19 KB 827ms
826ms Fetch
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3464037791358720&correlator=2734361177064432&eid=31076474%2C31068366&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693473543168&lmt=1693466343&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=373335609.1693473543&ga_sid=1693473543&ga_hid=1663&ga_fc=false&ga_cid=amp-kqzI-cVdnMoGGCtSj66XoQ&dlt=1693473518302&idt=24830&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26misc%3Drefresh_control_pv%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D7759c1c7d097dea%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26misc%3Drefresh_control%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D78abbdc5f250d53%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv4_e%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1586d3e5fb8201f5a837561396c86effd95693155eb9bd2ea84746c2f6ab5d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19067
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6AB5 6 KB
3 KB 806ms
774ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:03 GMT
expires: Fri, 30 Aug 2024 09:19:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 27 KB
0 932ms
920ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 17:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57765
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13172
x-xss-protection: 0
server: cafe
etag: 7949494514302333357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 29 Aug 2024 17:16:23 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 1205ms
435ms Fetch
application/json 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 32 KB
0 935ms
922ms Script
application/javascript 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:08 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 08/09/2023 21:21:30
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 4f4992141682126b6da7f2b69000bba3
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 0
0

GET can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 0
0

GET videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 0
0

GET
BLOB 200
OK 781b52ab-b0f3-4e65-ae7d-dd71ba2a6dc3
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/781b52ab-b0f3-4e65-ae7d-dd71ba2a6dc3
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET clarity.js
www.clarity.ms/s/0.7.10/ 0
0

GET
H2 200 container.html Show response
ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 494C 6 KB
3 KB 419ms
418ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:03 GMT
expires: Fri, 30 Aug 2024 09:19:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15E8 6 KB
3 KB 413ms
413ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:03 GMT
expires: Fri, 30 Aug 2024 09:19:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 518ms
518ms Fetch
application/json 3.233.146.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-67.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DAB9 267 B
167 B 411ms
410ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWfQtP04Yg55StweQwwRgG_w173Pd_YICxalSxV7u0a8i4v4ABcH8mANhMatWARHzdg5c4y-EsxoaGWim5pmTBOXv_11w

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BC47 86 KB
30 KB 2814ms
2812ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:04 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BC47 25 KB
10 KB 1926ms
424ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 146915
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PG6XU08odmXIif8Cl7saY5GRMHJjtDaSnQ%2BXTpCxS5UG4qua6wOGzXB3pvMnpz4n3sSF%2Bb5hbOhnM27xyxJT05CQlviEiEn2SxoiOjzj4uXGNLeGh9ryKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ff4309d2a25d526-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET 2b3771eb-0777-442f-9fdd-b0f96f5102d0
a5152.casalemedia.com/impression/v2/693656/85/cjo5m128qbbq5k01tgrg/ Frame BC47 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame BC47 0
0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 600ms
599ms Fetch
application/json 3.233.146.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-67.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 0
0

GET rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 0
0

GET collect
www.google-analytics.com/r/ 0
0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 01FF 478 B
238 B 452ms
450ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWNd1WYISW_e1_DIVu4Gj_Y3HJT7AURxnyZ3d5qMwKucdQKZyMo_co3DpXkOR895FsUpv5jyMmmZeduNQsI7qkXOLMgwg

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 494C 86 KB
30 KB 2651ms
2649ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:04 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 494C 42 B
110 B 2925ms
2924ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dz89zRQohk01rpx6VlkVzIkLYtHbtIBe9ZETe5vFZQ-9DO3laz1sFeVfIHc__uSYg56rwc04g6c6Vo5VqfPIhFtBGuWko-f2OS80ngfz-H3GRbdvQ

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 494C 0
119 B 2924ms
2922ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13244346013428866316&x=1&ct=77

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 494C 3 KB
1 KB 394ms
393ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:12:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 494C 20 KB
8 KB 382ms
381ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 494C 0
0 409ms
408ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROxxWcMFlwtur91Qo7k_h8P-gHnAZzp8boOM5GpILbsNA-3_klIUf80U1t70xIBOz38cufh82LDRuPmvFovqlple6YBw
Requested by: Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 494C 181 KB
57 KB 1964ms
394ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:06 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E06D 478 B
242 B 444ms
442ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWqpVjU9dVz7nA6WXlamGXl5xJJZ7icED2YJq3ZuTzi5D8X2vRtEMVrPlob7c2Dc02LtoLWU5bKXNM1cxutsOAdEOSQ3w

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 15E8 86 KB
30 KB 2963ms
2961ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:04 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E8 42 B
107 B 2962ms
2960ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUzHR5TsDkUNlXEJMIIf0ZqHxny1KG--N6krF7_lNa_CApytQl5x-9VeR0eIepD_q_5hoVbzPSxTXAgHUPAb3ZBT_1joeMBmETEO5oXylpFqv4uS0

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E8 0
56 B 2918ms
2916ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13969742996100683725&x=1&ct=77

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 15E8 3 KB
1 KB 538ms
536ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:12:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 15E8 20 KB
8 KB 537ms
535ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 15E8 0
0 466ms
465ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKjAY0kaiCd_M612Dg66AC6UKtVTOJAyDB7VS5mtFgImI-0dX5BN6cZecNEEjzC7v3L3Y8lpYsps-3-8QHuQ9_9587aQ
Requested by: Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15E8 181 KB
57 KB 2287ms
723ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
URL: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:06 GMT

GET

generic
match.adsrvr.org/track/cmf/ Frame DAB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAXn75Z5WDQDhQYxzNG7blo&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEAXn75Z5WDQDhQYxzNG7blo&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=0927f3556f4f35dfed047e2668d29b83&uid=0927f3556f4f35dfed047e2668d29...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DAB9 170 B
188 B 390ms
389ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWfQtP04Yg55StweQwwRgG_w173Pd_YICxalSxV7u0a8i4v4ABcH8mANhMatWARHzdg5c4y-EsxoaGWim5pmTBOXv_11w

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1919ms
395ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 31 Aug 2023 09:19:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 227585
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET json
gum.criteo.com/sid/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 424ms
423ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 2741a9e2ed5bef8e4aebb8ae1767fca6902f8c7baab05a2c7119c2fb42479d38

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 09:19:04 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 30 Sep 2023 09:19:04 GMT

GET
H2 204 isyn
prebid.a-mo.net/ Frame 17FE 0
0 371ms
371ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Thu, 31 Aug 2023 09:19:04 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame B260 3 KB
2 KB 1686ms
455ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7ff4309f7b9024be-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:06 GMT
expires: Thu, 31 Aug 2023 13:19:06 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

pd Show response
adpushup-d.openx.net/w/1.0/ Frame 6ADB
Redirect Chain

https://adpushup-d.openx.net/w/1.0/pd
https://adpushup-d.openx.net/w/1.0/pd?cc=1

653 B
735 B

394ms
393ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e7474f7b2bcea09001fc2c44bcd872eab0c45d2d3a12a927af0df4523fb48554

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 411
content-type: text/html
date: Thu, 31 Aug 2023 09:19:06 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 31 Aug 2023 09:19:06 GMT
location: https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 365D 9 KB
4 KB 1688ms
443ms Document
text/html 13.32.99.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 77660
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 30 Aug 2023 18:39:49 GMT
etag: W/"cba3476b12cba88403393b498cdbcb0a"
last-modified: Wed, 02 Aug 2023 17:35:11 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-id: y4wTtCbRqCktu9o0nHrJIBRkHxArN6tKfJ8VIH2MMzmek135B9euZQ==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5: 72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256: 54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 87C1 37 B
140 B 1682ms
438ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 31 Aug 2023 09:19:06 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3534 281 B
554 B 412ms
412ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 09:19:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AFEA 52 KB
17 KB 1842ms
600ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 31 Aug 2023 09:19:06 GMT
ETag: "623de86a-cf34"
Expires: Fri, 01 Sep 2023 09:19:08 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 4A48 6 KB
2 KB 433ms
425ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ff43097af0e2a64-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F60E 4 KB
2 KB 404ms
404ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1693473540300

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

26337b0ad1b1543caff1a56097abc7dcd2784e8319c5232ceac4a608adab1e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1377
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 016A 24 KB
8 KB 1693ms
458ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e79e61d32a80f696ccdaeadc794f2f7bf13163d3d624f1496a86d1933e109fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8473
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:06 GMT
expires: Sat, 02 Sep 2023 09:19:06 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E06D 170 B
188 B 391ms
391ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWqpVjU9dVz7nA6WXlamGXl5xJJZ7icED2YJq3ZuTzi5D8X2vRtEMVrPlob7c2Dc02LtoLWU5bKXNM1cxutsOAdEOSQ3w

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E06D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1

43 B
766 B

452ms
451ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWqpVjU9dVz7nA6WXlamGXl5xJJZ7icED2YJq3ZuTzi5D8X2vRtEMVrPlob7c2Dc02LtoLWU5bKXNM1cxutsOAdEOSQ3w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E06D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPBbCkFZ6oP0pBI7h2RNxwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

43 B
632 B

378ms
377ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWqpVjU9dVz7nA6WXlamGXl5xJJZ7icED2YJq3ZuTzi5D8X2vRtEMVrPlob7c2Dc02LtoLWU5bKXNM1cxutsOAdEOSQ3w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 01FF 170 B
188 B 398ms
397ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWNd1WYISW_e1_DIVu4Gj_Y3HJT7AURxnyZ3d5qMwKucdQKZyMo_co3DpXkOR895FsUpv5jyMmmZeduNQsI7qkXOLMgwg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 01FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1

43 B
766 B

445ms
445ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWNd1WYISW_e1_DIVu4Gj_Y3HJT7AURxnyZ3d5qMwKucdQKZyMo_co3DpXkOR895FsUpv5jyMmmZeduNQsI7qkXOLMgwg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 01FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPBbCmocJstjoZ6UnlqvZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

43 B
766 B

411ms
411ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWNd1WYISW_e1_DIVu4Gj_Y3HJT7AURxnyZ3d5qMwKucdQKZyMo_co3DpXkOR895FsUpv5jyMmmZeduNQsI7qkXOLMgwg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.google-analytics.com/g/ 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3534 34 KB
10 KB 560ms
560ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:19:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14951
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:28:16 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame F60E 43 B
443 B 1635ms
377ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:19:06 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 31 Aug 2023 09:19:05 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame F60E 0
239 B 2218ms
431ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame F60E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

0
291 B

367ms
367ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:05 GMT
an-x-request-uuid: c236cea7-67c2-4ba4-99a4-ca39beaebcb8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame F60E 42 B
691 B 381ms
379ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=GNcZMRktuvxC1N24yL9RGjEpbFG9oyD7HgmboVIH7Wo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F60E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjnJTTuCP9S9XgWJlTEhIC0nCSLC0mlQ

170 B
188 B

396ms
396ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjnJTTuCP9S9XgWJlTEhIC0nCSLC0mlQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjnJTTuCP9S9XgWJlTEhIC0nCSLC0mlQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame F60E 0
75 B 1688ms
405ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame F60E 0
0 1652ms
392ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F60E
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg

43 B
479 B

487ms
487ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V3ND3JS497J3PZYR7AW7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame F60E 0
42 B 1687ms
430ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame F60E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

0
291 B

383ms
383ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame F60E 0
38 B 393ms
393ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F60E 70 B
264 B 386ms
385ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame F60E 43 B
146 B 2118ms
894ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693473540300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 4A48 48 KB
12 KB 443ms
434ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 150
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7ff4309acb282a64-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame DA32 0
315 B 443ms
443ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ff4309e48672a64-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:05 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A042 4 KB
2 KB 406ms
405ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

793e9341a3c42ee4016974d4b91101b42c8834a5532c0a2f5f61b6cfe6acffcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1347
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 9DBB 0
0 1703ms
438ms Document
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Thu, 31 Aug 2023 09:19:07 GMT
X-Sovrn-Pod: ad_ap3ams1

GET

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FAD2
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1

0
0

GET

cs
ad.turn.com/r/ Frame 5393
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693473547401
https://ad.turn.com/r/cs?pid=45&rndcb=5890311092

0
0

GET cookie.js
partner.googleadservices.com/gampad/ Frame 2C32 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CA7 26 KB
12 KB 836ms
835ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527147&bpp=9221&bdt=3753&idt=18819&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=2&ga_vid=373335609.1693473543&ga_sid=1693473546&ga_hid=32099369&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2499966190&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076839%2C31077369%2C44785292%2C44798934&oid=2&pvsid=3234666658392896&tmod=915018954&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oe40g5u77j07&fsb=1&dtd=18834

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f4a03831bf6e089b4305045c2ea86d52bf2a149a44c77b3b57a87cc427ca9654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

match
ads.betweendigital.com/ Frame E98D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7701563183069211107

0
0

GET
H2

200

285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame C812
Redirect Chain

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a

0
505 B

960ms
947ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ff430ae781a2a64-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 31 Aug 2023 09:19:07 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/285a2b14c93c955bda38dbbc68eeaec2ed2b402139d65b0ea0d27ba02be7988a
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 cookie Show response
cm.adform.net/ Frame 4247 43 B
106 B 1691ms
407ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 31 Aug 2023 09:19:07 GMT
server: nginx

GET
H2

200

76e6cf9e88565f181cd9f7e38cfe456
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E62B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/76e6cf9e88565f181cd9f7e38cfe456?gdpr_consent=&gdpr=0

0
487 B

742ms
739ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/76e6cf9e88565f181cd9f7e38cfe456?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ff430ab2acd2a64-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 09:19:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 31 Aug 2023 09:19:07 GMT
Expires: Thu, 31 Aug 2023 09:19:07 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/76e6cf9e88565f181cd9f7e38cfe456?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1693473547593030-346

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 82BD 0
0 1703ms
408ms Document
text/plain 35.157.76.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.76.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-76-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame A042 43 B
442 B 992ms
406ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x2 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:19:06 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x2 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 31 Aug 2023 09:19:05 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A042 0
239 B 1233ms
416ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame A042
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

0
291 B

429ms
428ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
an-x-request-uuid: a25332cb-6936-4aa7-99c8-3f859315811c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1110900752246686789
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A042
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoH5rgu4Z7KzqZjYxNdvR8BEa-OEx3w

170 B
188 B

396ms
396ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoH5rgu4Z7KzqZjYxNdvR8BEa-OEx3w

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoH5rgu4Z7KzqZjYxNdvR8BEa-OEx3w
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame A042 0
75 B 1051ms
410ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame A042 0
0 601ms
391ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame A042 0
39 B 1019ms
430ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:05 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame A042
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

0
291 B

397ms
397ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame A042 0
15 B 417ms
416ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A042 70 B
264 B 453ms
452ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame A042 43 B
145 B 1552ms
896ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A042 42 B
691 B 412ms
409ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame A042 0
429 B 437ms
437ms Image
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 7ff430a72d042a64-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET

74485f29a0a06d89fb33c56a3b77d82fbafe4fc1150812ac2e938c45de65e941
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame D326
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/74485f29a0a06d89fb33c56a3b77d82fbafe4fc1150812ac2e938c45de65e941

0
0

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8BE0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

506ms
505ms

Document
text/html

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac7a50e6167df42be920266be012c292fb308da3e4afa9a5e22b389ec403a5c

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ff430a52ac40204-ZRH
content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 09:19:07 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNZ0vPILAJrQAWRcwjOw2BkNc25YjpF9GLF2DvZWPMtGx67wvNS1jrpE6L7wZX0wGgG%2Bl0ciAc%2Fyo23VI5Xh4oGSKcHKG0LZ9le6VfLklbyYHl8eqd4QsnB6q%2FXYIwdyfFPlVlr%2BBBG%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ff430a22f9f0204-ZRH
content-length: 0
date: Thu, 31 Aug 2023 09:19:06 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuzpUoWYMq2lx9mgpNDdCJwjrZ%2BNzHiuwIBaFjcz03Ab6tl5J6NpWZEmdYr01B3jKztG9jex2qGb2utnZBUYOzJN0j5%2Bmq0seRNk%2BdHCuWJZMzWMC1f%2FR37QENe5bjJDxGT%2BkZ5FwTfdYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 13926
g2.gumgum.com/usync/ Frame 000E 4 KB
1 KB 2146ms
889ms Document
text/html 52.211.254.183

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.254.183 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 31 Aug 2023 09:19:07 GMT
etag: W/"0f8c011d539bec5fff5bafaaa0cfe521d"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CDF7 4 KB
2 KB 409ms
407ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

4d9a0517cb61fc72ab1f736d7d9e70edd9664a5f01a3bfdf20dbdfc53b9588b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1327
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame BD97 638 B
887 B 2154ms
784ms Document
text/html 185.86.138.153

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 638
content-type: text/html
date: Thu, 31 Aug 2023 09:19:07 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9ECD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

486ms
486ms

Document
text/html

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db828dbc452816b9dd38203778226d9defe12187d98d0148928005dcabb14d87

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ff430a52ac60204-ZRH
content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 09:19:07 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF7EjsQHYTq2v9egnGW%2FlfvWOm%2FVygCyvVVpohzALFBr6nPkk3lWMfXqOfK31ws2oAZ0Jxr65Ajg3v%2Ba7c59jBIKsFZOeDPFnCg6mmrdpg5Q8uk%2FxDgs3zwXw6iLu%2Bdw7bxO%2B8wzSyTHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ff430a24fb30204-ZRH
content-length: 0
date: Thu, 31 Aug 2023 09:19:06 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIFMIfpa3Ca0G66pRvyp1i0uP2mr2CSYkZZj6dAQCV9p29PNyzqHpEAfoDjzLZhJBceivHjqhKEXcMa3otcH7W4Fm2a0ZyrMl5i14fJTeJZMZ5KgsCEJU1O686Xyp6XQgpataSAYwX%2Bc7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 774F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

430ms
430ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 09:19:07 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 31 Aug 2023 09:19:06 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B3E 15 KB
6 KB 2140ms
889ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134055
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 31 Aug 2023 09:19:07 GMT
expires: Fri, 01 Sep 2023 22:33:22 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame E5D0 0
0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 9C2E 0
160 B 2140ms
867ms Document
text/plain 77.245.57.72

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Thu, 31 Aug 2023 09:19:07 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0F98 557 B
1011 B 2152ms
820ms Document
text/html 44.193.104.224

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 44.193.104.224 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Thu, 31 Aug 2023 09:19:08 GMT
server: istio-envoy
x-envoy-upstream-service-time: 5

GET
H2

200

sync
ads.servenobid.com/ Frame 365D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=1110900752246686789

0
344 B

415ms
414ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=1110900752246686789
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
an-x-request-uuid: a61e44a0-c4ef-4b5b-aea4-dce08776c05b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=1110900752246686789
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

merge
ce.lijit.com/ Frame 365D
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

0
0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 365D 0
277 B 1494ms
390ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 31 Aug 2023 09:19:07 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame 365D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693473547400
https://ad.turn.com/r/cs?pid=45&rndcb=3344371289

0
0

GET cm
p.rfihub.com/ Frame 365D 0
0

GET

sync
ads.servenobid.com/ Frame 365D
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=962f2129-2d34-4a1b-b512-bb7864ca8d3d

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 365D
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

430ms
430ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Thu, 31 Aug 2023 09:19:05 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 365D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

0
367 B

414ms
414ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
date: Thu, 31 Aug 2023 09:19:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET redirectuser
ssp.disqus.com/ Frame 365D 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 365D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

0
367 B

927ms
926ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
date: Thu, 31 Aug 2023 09:19:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 365D 0
35 B 602ms
396ms Image
text/plain 35.157.76.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.76.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-76-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT

GET cksync.php
hbx.media.net/ Frame 365D 0
0

GET pbs.gif
sync.admanmedia.com/ Frame 365D 0
0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame AFEA 0
594 B 374ms
374ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
an-x-request-uuid: e50bb412-870d-4aa5-ae19-359030440126
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6ADB
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXCWpKomwPWyIZWi_n3do_pxlaeyd5Gm-nddtRmg

43 B
180 B

397ms
390ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXCWpKomwPWyIZWi_n3do_pxlaeyd5Gm-nddtRmg
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXCWpKomwPWyIZWi_n3do_pxlaeyd5Gm-nddtRmg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET match
c1.adform.net/serving/cookie/ Frame 6ADB 0
0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 6ADB 43 B
855 B 446ms
445ms Image
image/gif 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=03661255-920d-8b2b-92a8-797c3c40e0f8

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1DJECT51C0XJRC5PPX4V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6ADB 70 B
264 B 421ms
420ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5bb06e28-8ea7-30d1-52a6-fbeb54732b18&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6ADB 170 B
188 B 537ms
537ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZmJkZTItNDdkMC02ZTc1LTQ3NDYtYTE1MjllOTFlNTc4

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6ADB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1

43 B
106 B

401ms
401ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CA7 42 B
107 B 785ms
785ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUff_cISY7EbqqT1vCQ_LO7R399v8F-IOf4Vgt8pziRedCd1yjkYYH6t4rKTsdrJNKHTIGlA_wOsLh38yMVA7e7rrxXc8FBVxuAEDesObfnCtlipI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527147&bpp=9221&bdt=3753&idt=18819&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=2&ga_vid=373335609.1693473543&ga_sid=1693473546&ga_hid=32099369&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2499966190&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076839%2C31077369%2C44785292%2C44798934&oid=2&pvsid=3234666658392896&tmod=915018954&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oe40g5u77j07&fsb=1&dtd=18834

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CA7 0
56 B 784ms
784ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12591009620922789940&x=1&ct=77

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0CA7 86 KB
30 KB 776ms
774ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0CA7 3 KB
1 KB 410ms
409ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:12:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0CA7 20 KB
8 KB 409ms
407ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0CA7 0
0 413ms
412ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEpZs3SDFSNtVKrWmuGr1J7yctMKvJKFG_CDCzKt3nlAQbGQ7biwtLzAui7yncO4eKeyAYwyvfXZQ8kpNGgpoa_ZaAxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527147&bpp=9221&bdt=3753&idt=18819&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=2&ga_vid=373335609.1693473543&ga_sid=1693473546&ga_hid=32099369&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2499966190&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076839%2C31077369%2C44785292%2C44798934&oid=2&pvsid=3234666658392896&tmod=915018954&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oe40g5u77j07&fsb=1&dtd=18834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CA7 181 KB
57 KB 480ms
479ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:07 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7BE0 611 B
310 B 476ms
472ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNU7F33yayTpt4LtjuiB65sMdiLjxN-tOpzEt0f4oXXRDryF7x-1XhzcRC7esz7OUqYuwXlyFI09UhZv_tgbW0V6qrvQCQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466345&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527147&bpp=9221&bdt=3753&idt=18819&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=2&ga_vid=373335609.1693473543&ga_sid=1693473546&ga_hid=32099369&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2499966190&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076839%2C31077369%2C44785292%2C44798934&oid=2&pvsid=3234666658392896&tmod=915018954&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oe40g5u77j07&fsb=1&dtd=18834
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame CDF7 42 B
691 B 403ms
402ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoyYG5Vwzg8XwR-VKrzHQpf8NrmIDqw

170 B
188 B

418ms
417ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoyYG5Vwzg8XwR-VKrzHQpf8NrmIDqw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABikrjoyYG5Vwzg8XwR-VKrzHQpf8NrmIDqw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame CDF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

0
291 B

383ms
380ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELYYo9sSzyDj8zL44M8et38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame CDF7 43 B
443 B 735ms
409ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 31 Aug 2023 09:19:06 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame CDF7
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LLYYEZYL-1M-52ND&gdpr=0

0
291 B

817ms
816ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LLYYEZYL-1M-52ND&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LLYYEZYL-1M-52ND&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame CDF7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1110900752246686789

0
291 B

439ms
439ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1110900752246686789

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
an-x-request-uuid: 825571f1-9dca-419a-a805-4329302e1257
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1110900752246686789
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame CDF7
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=5488853778262683603

0
291 B

925ms
925ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=5488853778262683603

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=5488853778262683603
date: Thu, 31 Aug 2023 09:19:07 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame CDF7 0
0 404ms
402ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET

pixel
cm.g.doubleclick.net/ Frame CDF7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0M1MkU0OUMtNzAwMS00QUYyLUFERjItNzQ2RDgxQzhDQzVB&gdpr=0&gdpr_consent=

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame CDF7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

0
291 B

900ms
900ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
date: Thu, 31 Aug 2023 09:19:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CDF7 70 B
264 B 391ms
391ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

sync
x.bidswitch.net/ul_cb/ Frame CDF7
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=

0
0

GET sync
ads.servenobid.com/ Frame CDF7 0
0

GET cookie.js
partner.googleadservices.com/gampad/ Frame 586B 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC15 27 KB
12 KB 988ms
987ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f7625573c83d7135aaab11d87001a0097fadd3432a63813dc07e37a3ec8e9e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 09:19:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
795 B 474ms
474ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693473547055&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1545&pt=-1114377771&tz=120&viewable=true&ddast=V8eD4CLAbIJRBVlqelPRCQSyCqLE9LeygAAABgYID-AMktJzPnyLNZy1yuxVo0GRnWwsXC5lbtlpPVcrZwDlYbIyC55WTmHHk2a5nLtViLJiPDWrhY2Nyq3XKyWs4WzsFqYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgGg6HT7XvV73-90lPs9c4_cr_GqX3efWvZxuleUtPfrtPrfU6dY83VKnW-Sy-9wSh90tdtrdytfLLXjafW7h02F3K54Ou88tddrdoqfD7pa57D637mH3uaUPp1v0dPjd0qPD7la8Hna33Omw24Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmsHCWp93kMvseZpM_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DFk2Tieap6TgpZIQV4RRgAAAACgtHOajkzSCSoWVf7___utAFwBAAhQVBoPQsqiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHb3wNEEAeuFqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw-IDSfL3cq0WG4mJsPIObHNLCvjYLCxmCbLkWE08566bpRrEmZKwz4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwYvKNFjPfbi1ZDYdr0cLkWQsXztFaYVuNDCuLx2GzbNyi18d0cTlXht1iiwQDDPcieVqkE-VotvI4F8vFaOVxGFaGlcNlGM4Wg5Vrt3DtNiaLWKI5WaQT2WVfG06Wu5VpsdxMTIaRc2KbWVbGwWBjMU2WI8No5q-YfKPFzLdbS1bD4Vq0MHnWwoVztFbYViPDyuJx2Cwbt-j1MV1czpVht9g3ZsvNaLdZTRb7xmy5Ge02q8li36EzfFefs1FZVkk-PolftbO8bk6DwmWweF_q03lYMBasv8_RqfJpnkWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVLrvPrXs53SrLW3r0231uqdOtebqlTrfIZfe5JQ67W-y0u5Wvl1vwtPvcwqfD7lY8HXafW-q0u0VPh90tc9l9bt3D7nNLH0636Onwu6VHh92teD3sbrnTYbcLTW-zRSwRnC7SiehlPF3Uf8SAg7lkMZyrdnPdbpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwqK4_____3EAAABk5NADAACg3weUBQAAAAAA8A9AhVir1ep2Y61WK2CBLBeb5QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e8066598173ba24d95990c567552df53ad7ac5bd0fa1b0b77f34c01a18aca7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1429
x-cache: MISS
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
server: nginx
x-timer: S1693473547.265969,VS0,VE32
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame BC47 0
0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BC47 30 KB
18 KB 433ms
432ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Diq_5fuFqx9Q4dHjaEAVCKUVUE7_1ulG2tDGlXfXe5m53-FdsqWeXYPoh3LfvPZ9CD8IZak-Qb2VgGxUZNHS4MS9gfiyVxwIMs2Xggae-dN2QkyIb6jKsODcXU-hjZLEBfj7r00MKCP_XRFFZ9vgEnpZZo1DojMKvcwxjJPEaQ2dz0rEY&cry=1&dbm_d=AKAmf-AWXq9EQftVMdBJKrCCaehGjHn5qAc89hCAgEZ8WLe-v2EtY-24BLfR0cfxihqfUInhBIFObordhdMbHxhS4eTr_VvfePb-0oUrazd_W_QtuoebVETjVX_OH1Kgw0cTf8nfvCAkn2hy63yppFZdgKcuZ4lL8SBJIYiDyv2hhIuFVMiMjrdexru3C6mKu3bWS0l6DO_n94XL3KFFnxKaylD6QKEULzZEQqrCXv9phN1Grh_FEJQmLzpuWlTZ8krZK_oS0YADZ729zmt091o6j9dsC180sJShAgX_dBhE8i6Cty_pWh-IL-WTZijbzJSR1kIDBGhpTSaTBBoFpRb-wIK-sgm7zF-R0qYBweN0fhwnXCxFy4_mB07Fn8va5O0_yxnn3jsdpOpkfa60NCPiB-VG0sfR_sZdB4jp-jy6JXSBFdO5emCYW2u03ZvLGfVr7VBjMAReFmaJVZmVHsWEpmNnBy5WiLl5WQU6pYf0mitK72nK-mMf8_Ro0JP4Y6PjRq6PaYssGjIQI9YxtQBUU0am5IRfuUPIwpAwmprwtXMA13DCCJC73AWkn3-c7W4CpVrFz1fNNnGEYqUnLx9RrAHR_f7GjGsIRcX5lGZAIXGCeedldrgSLhWS8i8HezZWXo0vpSWzmXDmCT8PacaVydl5WqhxyUt9hz7oukeWX7Bb3zTE_A2JaYVXuccwWpLPKsQuL6PCnnzG737yi7nX5tPf2Dm9PuNy_BbviHsLtyBbV5odbx__Xmjruv-72DwdL_3aHQOvqGAArLaz-wvMFYyKwszEkNy-yXQc-JC3BbTLJWitpSF9-9y0OVFICpJIkiTe7TzQINwFJChvA5N1Xsnv-TMsHcCVFriUZth4gx0gs__07YDF-5IshWsol1uksTnJ_zH3GC1didk_LP2tLi98Oy9zdrzo1oc2qZLwFhg0_rbgMPLOc-4ywJZ3IurY0nnNOCwKiOT8AttrlwKtkVSrFj6vifdRN45ij__Q6xX6OdsxNwW3whFEiK0QDPtvPV2DZa4HmbtU5E_Y9wJI1_S_YiWcq9ShOOJOPc2xl2_voSBUP47AoStExGjB3emAitwJhmn4ILrky8lHPdWsRTTSAMyosF3bkbz7ryqn2VtF7qtifT-kPJB3ihfiydbS1tRjmorRIFDbZUPmRaAb8iVbEJWfa_u0olNuaDMwnVPvf9bkEtxpMmydF0e1nzKf4plqACYs4PAzyPX5BJcRkv0YlIIvXQOc8pJz69AV6VMOP3tilCPouEweNHy7FGCCBe6ABEuxhzxxd8lc0pjwgzbToydGSs-yiv-LRlIdqj0QYsJurJwBEEbEqiZTTXwaXWYJn8G1B8E-mTuxlgclRgUaFcciUG11EGZGj99iZxwVtV1wGJMY6O26Vr5Nph6TMWmZ_4ZjueaOeygfNmlNoqC7121keKgrQZvCFXwCSt_7rD8TlzRzImLb2fLEHYz0yONjrPWrxkD0WXeIKAdwgnb-adN3jnzSuR7GVmq2RoH8NKLmaiedjfYt_-RSisiVUyRMTkHIMJv0EN5iWjRQkUe1_cI0XmmxMB_veRqDUkE1aqINaBCFFkOMMhtLN2J4JYZ6CY-XvXC2WC5mrAnETeVafGAo9VI8UJ5ZIndgV-kLPyVIipehJMmA3QS3hSq6DCUqNjPu8Lg7yGzZCOGGiQS3RcPqpuPNwLj2pymrAjHfA2N37bi-gPIVKxTGRPpOheli8iJIRdIUHgjVASEa4h7TapmIobbaeF9rDwtxthKjyVEBOa5rXfk48jZX_6l_HiovNveT_jW5WlAikgxcsstr7INPt1-YcMc4CxGfLO5ogRfmM4oUGqjgyWfDX_wQpAFi7vIXZCqoC-vdlgNqVqiMuay47O-4v0CVAcBU17XEFlkWyL_eYugnKiUcJJkAwzmVq09lJiwKxC_cSOHKNmsPw2EtS4KT5cUUzBPfZgoaTm_Hb6TI_Qiu4rQP1qKzgvQ9TXCU6S_abJVwpwgMmzHnsm_M2XI4ngZW3nnWFVGnVdZwU3VtjJm9z_0AuXKwDgI6g_w5fHVOx6q-tLVBrQIXYYJTefu8TlV75v8zIXruYENyKA_VPilZ0m44PcJr0t09R22_WGaGlt4rnW4_ouyfUMfJcMRI8EOnMBaNfjCbeRkdondVqHe9w25UoAu_xNJr3BVpCnbWifCl7uRNaVFwmYcVdgfk7ACTq9Pl-enxv0trBWP4O29p05MKlKIDNShVWjzzNn1UDBVh3tuMifFqLqW6P2eNp9d0vUhqw2_jTbElNHG0LR6YkHAnWnUw1swvVTbR5zTgIl13n4V9nHzi1x6RiLi985NrOu4ijEIw8BO5KykCHVea-GXHexhCKVbxgb8RDwnTLjiom85rVPVByDG6VS-UsS6hJh5rifE6RuGB7EIlqvCw3n8DJiZPLctir56kzSu9xFigBlwrAbN7SLnv5BPjKeJPcHkWW9pQVdP6Z1OQNTV26X40P3uyZVi19JO6Debe7gdpicoBEjOKUOG6cQ5FdWwhYCKyzWAmY3BdOQd9_3CFKGcG--lOiS6f6X4-0eAWm1R_N-OALxVgiJ8SQ0iHWlFL4eKz6LzbwBZLibNA-K_Mn086Id-oPoOGTRJsdbQOacXSri3YD4GI9Peiu3FDrjylE_ARW6g64l7j1skUrKxA8oZ9HphAciKCntRh73sgIMd5lmBrx7RDEnY4flASH5cg4pT7E0ZpOZVn-Jk2w-o6rRvdOk2GmP24O_2JOvNLETmUJzsCV7_ccDLrCh3fHaSnriasca9yab1RGYHX_Q6bMqYrwGaxmoIquCgeme5l16a2ZZe5G9M0PKf3ZSOSfD8GKDnlAMgFP2ePlNBWxReFL0lNTsyLvLkY5wDwK9UMapWsGubH62VAiESmDju7D8WuXEmNABCG57KachNLnl8v5ch92gX21tK9Ub8oCfjWSrrojLSmQSPh3YecdiE_dwYHvf8UBQdulAGZUeabppBKVVBuuXMtXYDH8o8TXGPETbtKIvHho3iYyY9TWXyfB4vDZI14J091px4PYfA1XUYTR2_UFe5Ijyw2--IBPqD0XHCqLtPeFSYQ_KUsE2-3KlfxGQ1qzSyMvtyasUg9t0LBzPtsTi4ULQM-5YLiCdQ7hSkRq60Fj1IRKa2jaw8ZYTA8rKP6SrWhOmJxbl00mndWKMb3hPLRVzlrlA-6F0Ig_B_xjx-GMBMZ8pFbUZQKBrYjh8N3WhDP9Wc7Sj-Z6wbv2tcMpYWb5QXKPis0SqsAjUxwKgVfdXcSYw-_v_V_zOkyNH2Zdhz3Lwh5dAU6pW3xdeWtz-IyH4cG6EO8529eVzWeVEml1O7goz-jXZCitkd8MLICr6gJ_BamRGrShgVsCkwFC7mzZYr5ZwvO7iaz21eQZEuimP9OTfODrfZoWj6JP8PbThzqxhOsM1zq27OPHJf461F6yWWYAO0DQuAsvlv49nL3OrTrKYltIw&pr=13%3AZPBbBAAAAADdmozX1CCmqC6BAPSaWn6VNzvWHQ&cid=CAQSMgBpAlJW4rZYQv4sY-JmsjxaZ0acdhON61CmyP78k-DSPFiWACagJQsYYTU2MRBLhfhpGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ds=l&xdt=0&iif=1&cor=12631175449375121000&adk=3989330322&idt=3071&cac=0&dtd=134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

addb754cc9aaeec8e1ff734b6dcf7a6f70f33f6e4af945297f4d9b96143dc892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18190
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 774F 34 KB
10 KB 579ms
579ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 09:19:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 13:28:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14949
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 13:28:16 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7BE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBBlmcBkfsvZsmXtAPl-6Vs&google_cver=1

43 B
840 B

836ms
836ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBBlmcBkfsvZsmXtAPl-6Vs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNU7F33yayTpt4LtjuiB65sMdiLjxN-tOpzEt0f4oXXRDryF7x-1XhzcRC7esz7OUqYuwXlyFI09UhZv_tgbW0V6qrvQCQ

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
an-x-request-uuid: e467a70f-fcef-477d-b153-ed6af3d50b7f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBBlmcBkfsvZsmXtAPl-6Vs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7BE0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMDkwMDc1MjI0NjY4Njc4OQ%3D%3D

170 B
188 B

851ms
850ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMDkwMDc1MjI0NjY4Njc4OQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
an-x-request-uuid: 6bc785cc-dcaf-4fe9-9e23-daa222540c84
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMDkwMDc1MjI0NjY4Njc4OQ%3D%3D
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7BE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1

43 B
61 B

848ms
848ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNU7F33yayTpt4LtjuiB65sMdiLjxN-tOpzEt0f4oXXRDryF7x-1XhzcRC7esz7OUqYuwXlyFI09UhZv_tgbW0V6qrvQCQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELyPjgyFPUPJtp99-pInU9U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7BE0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZmJkZTItNDdkMC02ZTc1LTQ3NDYtYTE1MjllOTFlNTc4

170 B
188 B

848ms
847ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZmJkZTItNDdkMC02ZTc1LTQ3NDYtYTE1MjllOTFlNTc4

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdkZmJkZTItNDdkMC02ZTc1LTQ3NDYtYTE1MjllOTFlNTc4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 8BE0 43 B
855 B 513ms
513ms Image
image/gif 209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPBbCuTJErtVcC_hqMm01QAAFJMAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H2SGTK5JR3EE1FR61BHT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

crum
dsum-sec.casalemedia.com/ Frame 8BE0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPBbCqXL5x9QORTvBtKHdAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

0
0

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8BE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPBbCuTJErtVcC_hqMm01QAAFJMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1

43 B
337 B

787ms
786ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FR4rR26aTjHa%2Fo5A1b3Q6kmxlkP0PuVg2c%2FoHqthrCTW4BQMwmyybgRdiRpjHOJVtwCaJwOVKiyJMCCAYVKLGg3RzgxXyrKbYGV9a%2B35Rb8PI2WGAoml1XsGKIqWQcnjJ8iOVrg8SvDtsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7ff430aac8a50204-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8BE0 70 B
264 B 406ms
402ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

sync
x.bidswitch.net/ul_cb/ Frame 8BE0
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index

0
0

GET index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame 8BE0 0
0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BE0
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPBbCuTJErtVcC-hqMm01QAA%265267&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=16bddcfa-4c15-4ff2-b2ab-657d45beccd1-tuctbe9e08b

43 B
632 B

786ms
786ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=16bddcfa-4c15-4ff2-b2ab-657d45beccd1-tuctbe9e08b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=16bddcfa-4c15-4ff2-b2ab-657d45beccd1-tuctbe9e08b
date: Thu, 31 Aug 2023 09:19:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 51380

GET CookieIndex
rtb.adentifi.com/ Frame 8BE0 0
0

GET htw-pixel.gif
cdn.indexww.com/ht/ Frame 8BE0 0
0

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 9ECD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPBbCqXL5x9QORTvBtKHdAAACKoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1

43 B
383 B

788ms
787ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddR%2BYJ8iWd2jOnUKfT2pNR%2By19OS7DjX3HNQmuGXxF3e4l46ApndH7o07P5XKH9Mx2UkosyWLnLzpCEOszsFbm4LRr4vJ67pUwsxXvx5Ug2aJ6W8pFIucgBxefKwLxZ%2Fq3xbh2G6co2e1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7ff430aac8a60204-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBNR_1_mO37UZukq6Ijzzu0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9ECD 70 B
264 B 406ms
406ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 9ECD 43 B
0 1501ms
994ms Image
image/gif 209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPBbCqXL5x9QORTvBtKHdAAACKoAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G3DNBW631WPNHXAR1D8B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

crum
dsum-sec.casalemedia.com/ Frame 9ECD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPBbCqXL5x9QORTvBtKHdAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

0
0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 9ECD 43 B
652 B 1215ms
740ms Image
image/gif 95.101.54.233
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPBbCqXL5x9QORTvBtKHdAAACKoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 09:19:08 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1693473547961088-509
Expires: Thu, 31 Aug 2023 09:19:08 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 9ECD 0
0 419ms
417ms Image
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET ix
s.company-target.com/s/ Frame 9ECD 0
0

GET cm
p.rfihub.com/ Frame 9ECD 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 9ECD 0
357 B 804ms
803ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZPBbCqXL5x9QORTvBtKHdAAACKoAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 494C 0
56 B 493ms
493ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7516046246552&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 494C 0
56 B 494ms
493ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7516046246552&version=m202307240101&ct=77&x=1&cor=13244346013428867000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 494C 9 KB
0 486ms
486ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5YlpxndYGmWB0zxg40k9qppPy8QsjOxxmReXCSGIhzAdk6s51_Urj6qRN10ML2Tff67BMj26ZDDZaHGstux9ZmQv-_G8XR8GY1pcU9Giggac6kaArtAhuRqRSUk4Z79eku9G67GKPXqZj46VKKNPwNIwLMh92pwU_FhQf07hQObGguHM&cry=1&dbm_d=AKAmf-Dh31htW1ZO6mUBBxZQCXT0wz7na_w596du0Qtr0A3fjPYr8276NRByzjrjNYN4YOlfmla0X40vFowrBxsbXdiNkC1U6OFlOa-LMEyO6iLp4czm7aibWIZRb1lVhKNPxOr7ID2piJqkKANXyI_i4jt30SPsc6W7mx6S2lD4mRlkjYXrIgpOIWVGRzjaPl66qvVBylaPEH9HPdx6AfDo5n88ajZ6sGWNWK2bytzx46D9NmdaetMLuBzaPSci7vnzrjJsOYNOirlwoK_CRTfROf9418xBmA2fQCKAk5gHYdTGS68La-XE7-h-QPKOUuOTMsQF0_-N8NxH4TAupaxDWVwO01PKZJpo4JjngIMhfJ2XemBglBQ8w2mHfzW9wPxyOCujS5o2MkyeXYjDgmsqhXC0nnLp7sypDp7UvRqvvHFTWWG0LN7gtP0hYoyZ5jAUMi4Q0oFkI0EHLCAZwxhbIigLxN04HGhEDGZQNbdzdUx2C8dEycl2CO_05o5oE7OVaCMLf9eBUntG9SpdeSHxms3i1z0QykHrEFPHlbdTWX9IhRnUWkPtnlt8T1ABYrPOxdcaPvBD4hitv9_-rMbFCUsjaQrSIGUmHBhXfavKnV6M-q5UbPQo0W8vleN5o54LdJi40AAKYvIsK8L-pLKQvB990l3rB3udwNgPejgfGQ8fp-f7G8lzHdTCgHfXWoUU5UbL5YeP9MqqCo5WVV0Op0R7u3YqGze5fUX7-ebJZp6QxvhwA9jhFZQ_4hdJHNOK5NjHYkbFL8oBdpL22I6jo97RpPPlLagYN0pQcH5XrtP-OiaEpUBA_rVLsOs-u76ebUVlc_YJBdhCO9I1ByTHsE2lfZeargLljs8P4jwQy2KukO6GrhG4thSNZUi4KpK83c2TGWK9iZvfqwSgi4Xy3slgzXz_Tv4X02fcFSLFZT5Dx5Cl2l8HOZTnuy4y1PeiDwa6Ob4VBowoslNJ6mFXWjoXL_3OAQiE3F8RrRq5pplFgEXlQ5pSmQFmx0X-et3KJYtoywMDCy8xCwl3TcaZDDy6GMA9US3JnsptGZCnYsY-fV5rNkom07GSHszWEm9XrVddDEVt8sP4h2PvWMHO3rv5dhXXhrQDZDdkkMCo4jR3cKh5i9rzXcihD-CUGPeKC-aM-qMWzlrn5CObXtpAOs-q-h3DVbQA1ym2wZ55TcCTe4FUi8tnjgTBz0bBjSc1NGlSj5SqhgjLGg9w_e2qia1sBUj_4rJBE1ja7IVOlWZXt200l-nyJfntUxNq0VsJ4zobhH5BHqscNA6khIt5reXGuvJUjjs-Jo1Aci1Ui47e2IqxWgpzMQivDzDqCqlesb4AUeAcjO9TjCPYp3wOH08cHHSDwFc2f2ByPdSg-1ix3V66pEyEh37Uhi832SVzjP4eSExK6-IPhUqC4gAtw0Abc-Jwe_ODOT9xWusFYJvDUTR5iJLtg1sysZq1N2GjymHcDznK3viwL4FZuo06yfs2eaBayPpkriDgHGsq4AbPSILuq9je4mdsjWHwS3mxgLd1HynOQnbbV5EOHyJO82SBgR4ZHrTDIuz18R4phq0u3_0heAHcbw7_Yxz_c2pKJme43qOb-oZm8mN3PFETD5upAHF7wXFvWGLKKkZcFJwuKV-JgS6fsdkxAyzbLIXtHh_paAupW_ftc6PQJWt4MaZFfUsMzf3U7Y9zrdj94y4a-BB7sN1-znoziDcxZZ_RCv3gmNKkWM3NLUBzEElXjvE56_CQRobSitDAAELfj3MhSa2zHfc6tzuzsGjEl43vH1phwh1efM4PwjfVRYPAeGDfTIrjXmMl94NVGCkDb9SUOOmJHsy3sxd3Ae8FD5PI0E4ZG1y_HizK8erMQcvaoIXLf7gEFbnUEGNFhurz-tsK4QLNPZ76f5DCLplZ7le2izIZsGYQQVbsnl1zhimP9YAIdZuozQHgP4HI-H7-r5jaUYaJ2rsi9D2ooD1CIwpIyaZoQjZPzyZQTxdTms3kAkvt6hpAVqupPfMOhPLj0uHVmsex_N5E7fQ34k4ouxtM4KfgAZ_dJKYd_j6mf2gqoK0I7CVyZfKhnpJGW-CgYfFj4Dc04fOEs6GczNz1vdcdCQFqIhaKMtps29F6XwsQkeqiLVn4-SEgxvr9VtVIqbIvKh4iSpYajOi8C9ZvXdQFi7sG721yMZL9nNUoj-wws-B7_kkRFpkS1oPXR8s3EcIgRHLOOiMcnotd0oQhwP_bXsTlo_zeMOlE2ZuNY8OkI6qznXUoQZiteTJUOj3W32Zb8Fl3_VLqUoDqEt9qTo8OFJh9EvoyD8NmtlHWg7Q-5cBywG0aHUduFhg5tp6vT4DMcaGJKW6ama_fNQsgED-K5RtsPKmpKaXztS95ujrJHDkNhjB908PrKKfPChl9taTnQBC4fIRktGBF_3CYsWa7W5z_PcqtYTL060-kuuo7Lp2aBjlNZxsI-okWZt7bj8X3s4LLw7CUe7JBBBhV00lEmavLDRhMftsQQ4mUijG-2wBUQRcqMGEpZqhkQiXP4_mRcwK1wa7Sg2gBN_HPaAaVgX-hEpk20k8myXzJzslf9FoPKlKwZ5RS8HJn1bfvBusIeo9xlyFM56eEhtRHkNkr_YRD0C93-RPxDBUSs99Rs1lwI3ZkZdQROdH_qcoInkHMU0dccjjoFTP6fC9D-6oOiIb5bhPmzt5mScMCstL5HbqckRDyaN8hSYES-kWSApILDkXJMrr3tvw2Zi2foUfOwRmhVruoniIGcQj5pq8H4leKINAhvc8OxlK2KOFJLkdJVrEolfliNJDxD_-nMdN9FGs48DseTkwzMGVj2wy4PEDJ9VI5MRPnMvMu6JlIfRLlHJvppi0p5KhNe-4BBz407eikTXJMw4um2SJhUbUB7x9nPx_rtlGy70Glozss17N7hK9hwMIdM0_qRjzJfH8SMZRJNC-hZVkqJ86sN-xX4NVPKiXKmK3PNsCXfVFdMGpyXTjhD4_c526hwPbB-Yzjq6e0C3tvo-AjZ6idd3urfi7D9kPk5jkPN9OE1I5s3_70wNK2UcT2IOk3_4cXJhuLc4mAFw22BOfV2uwodoVchAfqFBmCkx-iJScx7urWs2OwC2SYgnUfk_Kwty-VGq2Dkt4HeohXhWQJmt2Z9ZRy06K4awQa2k_0S7r6Rpb7iaxXvsf1MijIszJffPY3jeLYT5g-cHtCtFekh8R5Uk-HazDGpTjdmyFFCeIHHne9Mxg_lLUYKo6hTaKHDm9pNhOX024jyNt3thzwQQgCQYxAuaKXOfNeVC6JE9nO9NrRO7J-3-8_2reZf2gNa40ENZW0pHzHiJmN28iU49EL-qngQetbuRg78rog1Ebo5oNAwPCj6MZ4-0TaV9zgdqvqKPoDHLe9mYRKFxr8rC4vXkESh2OTrBeT_Tpnr-vyIJ-a7uUIq1dbNnU5Bh-r1jL-5D2TZ-4852x6_pl68Q6lDMTc85iFkjGGroq_nu0nLeftYHonVlqmrj1xNvXRntErI6hfoKUUQ7xvq6ixDNyNHoIX7k8fIkpl1AXs1t3MPW6bfksbwHOBck8jb6TKjEu7VQfgq4f5f-pJTHMmdht-sC7mS5jGv0WIgsocDhrhv2JxqnM1Ott-4s3PbbxIe2J9UL_FJruTtXIxoybGw0MWyjYxzJvVfRA39jWDgUuSSb5d4g8YvMJ5RC3_cZHh36ZG83Dtde4y_bWtUNctjvtBLn_is91ptfNEocbSkmeNq8DGlbobwHnZPPD-3SrmH1KdMKm4fA47iAsy9ZA68GjlPgQkauDZoq6L7qHiREk2S1K3-baFT_oh7c0CKTLvaaGEsZdCk-ZGY1deskV8PDOo8jMsehti2tJp6dPqemUtK8ZwFFC-IvkC3W1hXl6tSoVwJfADRy7MOFxLk_6uhuTbrGleh3WLNbv2R1ooGH7dBC9FJvScMH12YI4TNlX3zdY6jNW695xsYdj5qzso4KLoaNN5BTCDKsU5JImaDxChEJvD-Rcf9iXZKhBIST2YP4-lDJh0CeH9tUi8kC-LY4BgRpp8gRbKEYK3GGxGPJlnJQBntsq7kVOLj5k&cid=CAQSOwBpAlJWLkBK6t6Xd-KbM4GmuvgXQaejLujx5V_uiFgyMff6ReMnnVNMqjdaWPMMcnbTFeG_BBun5zkGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13244346013428867000&adk=3690638929&idt=2924&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame AFEA 0
594 B 390ms
389ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
an-x-request-uuid: 6f9dd1bd-4373-47e5-aa96-52eb397e08fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.218.57.77; 80.218.57.77; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E8 0
56 B 943ms
943ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8549660094765&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E8 0
56 B 942ms
942ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8549660094765&version=m202307240101&ct=77&x=1&cor=13969742996100684000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ad
googleads.g.doubleclick.net/dbm/ Frame 15E8 0
0

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 774F 0
0

GET abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame BC47 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC47 0
0

GET UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BC47 0
0

GET
H2 200 usermatch
ssum-sec.casalemedia.com/ Frame D038 2 KB
1 KB 932ms
931ms Document
text/html 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/meng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ff430ae6cd60204-ZRH
content-encoding: br
content-type: text/html
date: Thu, 31 Aug 2023 09:19:08 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj6KR4i9g6EoHc7oWoFMdEkFM6rubxzb%2BTxRJampoo9YIXwlHgeEePc4b0fdSDxMSOWcddAoEMfDQ%2FxqpwJlL9d5Md3AbLTV3kTBng6XPogkbRHGp5W2nOuMoUWX4o%2ByZoWRaGZNCQfFWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET r62eglto.js
ad4m.at/ Frame BC47 0
0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC15 42 B
0 948ms
947ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbVkTUAEL6JV-5O--WIAVJv9gwLHjJDev-ZZewfj3lhD23LvrCNyToytwfhgi5dKBL6-NHGw1DS51YDmmLXwet9sUsTQmxRa4jcy624eDVe-FeQ2o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC15 0
0 947ms
947ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=402917038661892266&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 09:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FC15 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame FC15 0
0

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame FC15 20 KB
8 KB 875ms
873ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FC15 0
0 894ms
892ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoZw0lBfN1wIyRijIclifA2O2rXOFvmPA6syKG1v-FpIRJfrj8rOPPJl3tqLNp912bnDV3V11fk_QhvnOLJXbaRoIgsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC15 34 KB
0 899ms
897ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693466346&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693473527309&bpp=9205&bdt=3900&idt=19565&shv=r20230829&mjsv=m202308280101&ptt=5&saldr=sd&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg&correlator=8473057090555&frm=23&ife=1&pv=1&ga_vid=373335609.1693473543&ga_sid=1693473547&ga_hid=452535409&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2195&biw=1600&bih=1200&isw=336&ish=280&ifk=4254637907&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077328&oid=2&pvsid=3611494147333327&tmod=1742399864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ulj9byuxv3lz&btvi=1&fsb=1&dtd=19577

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 09:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 09:19:08 GMT

GET
H2 200 frame.html
ad4m.at/ Frame C6E0 2 KB
1 KB 914ms
914ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1933040
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ff430ae797bd526-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 09:19:08 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE2kCZAbvAYbZKI1H1W80qvgTVwO7KyfsMKu558qJwXm42YgK49LSldLZOyTpuJFGuVTMV%2FSfysPB%2F0CbL4DcGTCE0xf1Ih8NqZ%2FICULX4LNU2RdTx1KFw8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CA7 0
0

GET ad
googleads.g.doubleclick.net/dbm/ Frame 0CA7 0
0

GET pixel
googleads.g.doubleclick.net/xbbe/ Frame D109 0
0

GET getuid
secure.adnxs.com/ Frame 000E 0
0

GET sync
x.bidswitch.net/ Frame 000E 0
0

GET redirectObuid
sync.outbrain.com/ Frame 000E 0
0

GET cm
us-u.openx.net/w/1.0/ Frame 000E 0
0

GET sync
sync.srv.stackadapt.com/ Frame 000E 0
0

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 000E 0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 000E 0
0

GET 142
match.deepintent.com/usersync/ Frame 000E 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 000E 0
0

GET server_match
ad.360yield.com/ Frame 000E 0
0

GET rtset
bh.contextweb.com/bh/ Frame 000E 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 000E 0
0

GET sync
ads.servenobid.com/ Frame 000E 0
0

GET sync
ads.servenobid.com/ Frame BD97 0
0

GET p-EtBqU4Lj3YbAv.gif
cms.quantserve.com/pixel/ Frame BD97 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame BD97 0
0

GET /
rtb-csync.smartadserver.com/redir/ Frame BD97 0
0

GET genericusersync.ashx
sync.tidaltv.com/ Frame BD97 0
0

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 5B3E 0
0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 0F98 0
0

GET v1
match.sharethrough.com/universal/ Frame 0F98 0
0

GET user-matching
ads.stickyadstv.com/ Frame 0F98 0
0

GET sync
ads.servenobid.com/ Frame 0F98 0
0

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 8CA3 0
0

GET pixel
cm.g.doubleclick.net/ Frame 0D28 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA7A 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame BFBA 0
0

GET idsync
tg.socdm.com/aux/ Frame A7B7 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame F441 0
0

GET cm-notify
creativecdn.com/ Frame 5519 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame D3E6 0
0

GET casale
match.adsrvr.org/track/cmf/ Frame D038 0
0

GET pixel
cm.g.doubleclick.net/ Frame D038 0
0

GET dcm
s.amazon-adsystem.com/ Frame D038 0
0

GET ZPBbClK7t3ZOzQgsQRrUawAADK8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D038 0
0

GET ping_match.gif
pm.w55c.net/ Frame D038 0
0

GET index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame D038 0
0

GET /
b1sync.zemanta.com/usersync/index/ Frame D038 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame D038 0
0

GET htw-pixel.gif
js-sec.indexww.com/ht/ Frame D038 0
0

POST rs
ad4m.at/ Frame BC47 0
0

OPTIONS rs
ad4m.at/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202111/839410b212d1f93ec3a336b6315565c5.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/8374bc0a0fa58eb329f967fb245a4ba3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a73c60d30679b99c147373354205f7ec.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/745e3fb7055efccd4e4eb6fd3da4cedd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8cc3a45c930fccf2793bd77569a59aeb.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0d4e1f637449c9d65ea8e1d409c1759a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/284a819f82851f791b23e3bd7a5acd2f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/e1e78300f57875ba2a5f29b640d0f232.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/4322a704218626eb902c84ef43eab2d1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/67ab0136dd680e9e5040eb662d15a28c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/528fbee0dbfc6071b505660675b78c9e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8618be86cc5ca60deb2ac6bd5c93fd14.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3bcc37d1b43783c4b56db91ed0990370.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b3ae9470a29e08249ac1109275cb7f23.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a5e3dac05d9a2cbe0ccccfd09560b0d1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/afe874d9ae92480a6703ebe585c32b8b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/11acb8fade9b54e39cec1c3df3d492fc.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/fe41fb9302358a058cadeeddafef5970.jpg?w=150&h=100&q=100

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=adb9a9ed-59d9-4073-853a-4b04ee45ff19%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%8C%9B%E5%A8%81%E7%88%BE%E4%B8%AD%E7%B9%BC%E4%BC%BA%E6%A9%9F%E7%99%BB%E6%9D%BF%E6%9E%97%E5%B6%BD%E5%B9%B3%EF%BC%9A%E5%85%88%E6%90%B6%E4%BB%8A%E5%A4%A9%E5%B0%81%E7%8E%8B%E5%86%8D%E6%8C%91%E6%88%B0%E5%85%A8%E5%B9%B4&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=5c4017eb-dfb5-4db2-8165-1d2d57622669%3Bf2e608a4-4665-4ac9-be6f-7fd863060b91&l_pb_bid_id=2e0d42463a2dfa%3B36c250868ed81d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5c4017eb-dfb5-4db2-8165-1d2d57622669%3Bf2e608a4-4665-4ac9-be6f-7fd863060b91&rp_maxbids=1&slots=2&rand=0.5808523120959668

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Domain: cdn.prod.uidapi.com
URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js

Domain: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Domain: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js

Domain: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js

Domain: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js

Domain: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js

Domain: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js

Domain: a5152.casalemedia.com
URL: https://a5152.casalemedia.com/impression/v2/693656/85/cjo5m128qbbq5k01tgrg/2b3771eb-0777-442f-9fdd-b0f96f5102d0?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1693474140&profileIDs=&creativeID=18d3693&pubID=189372&format=banner&channel=site

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dg_RoUkhfgs4Ok2UgfRRwLwpHmFtwP9u3gU11cQ2EEUiFATXk0Yv_dyltcyE8rMB6TPXLMIw3DE6JW4mW6h-ESscaJMlWA-1IOSXfhtvDXxD55Ahg

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12631175449375120755&x=13&ct=77

Domain: e3.adpushup.com
URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tZW5nLXdlaS1lci16aG9uZy1qaS1zaS1qaS1kZW5nLWJhbi1saW4teXVlLXBpbmcteGlhbi1xaWFuZy1qaW4tdGlhbi1mZW5nLXdhbmctemFpLXRpYW8temhhbi1xdWFuLW5pYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTJjN2E0OWVlLWU4YTktNDU5NC05OGFjLTMyM2YxODE0ODJhNyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsInJlc3BvbnNlVGltZSI6MTc5MSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5Nywid2lubmVyQWRVbml0SWQiOiI3NjkzM2I4NDI3YTQzMGEiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiNzVlYzcyMWQtMzEzMy00NzBhLTlkMzQtMTM0YzYxOGFhMmMwIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=29515.90000152588

Domain: rules.quantcount.com
URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%8C%9B%E5%A8%81%E7%88%BE%E4%B8%AD%E7%B9%BC%E4%BC%BA%E6%A9%9F%E7%99%BB%E6%9D%BF%E3%80%80%E6%9E%97%E5%B6%BD%E5%B9%B3%EF%BC%9A%E5%85%88%E6%90%B6%E4%BB%8A%E5%A4%A9%E5%B0%81%E7%8E%8B%E5%86%8D%E6%8C%91%E6%88%B0%E5%85%A8%E5%B9%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kqzI-cVdnMoGGCtSj66XoQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4764231766660654&gjid=0.2511645943542502&_r=1&a=1663&z=0.8574120862282024&gtm=45De1110

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=1663&cid=373335609.1693473543&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693473544&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&dt=%E7%8C%9B%E5%A8%81%E7%88%BE%E4%B8%AD%E7%B9%BC%E4%BC%BA%E6%A9%9F%E7%99%BB%E6%9D%BF%E3%80%80%E6%9E%97%E5%B6%BD%E5%B9%B3%EF%BC%9A%E5%85%88%E6%90%B6%E4%BB%8A%E5%A4%A9%E5%B0%81%E7%8E%8B%E5%86%8D%E6%8C%91%E6%88%B0%E5%85%A8%E5%B9%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1663&cid=373335609.1693473543&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmeng-wei-er-zhong-ji-si-ji-deng-ban-lin-yue-ping-xian-qiang-jin-tian-feng-wang-zai-tiao-zhan-quan-nian.html&dr=&dt=%E7%8C%9B%E5%A8%81%E7%88%BE%E4%B8%AD%E7%B9%BC%E4%BC%BA%E6%A9%9F%E7%99%BB%E6%9D%BF%E3%80%80%E6%9E%97%E5%B6%BD%E5%B9%B3%EF%BC%9A%E5%85%88%E6%90%B6%E4%BB%8A%E5%A4%A9%E5%B0%81%E7%8E%8B%E5%86%8D%E6%8C%91%E6%88%B0%E5%85%A8%E5%B9%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693473545&sct=1&seg=1&_et=2000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=373335609.1693473543&aip=1&sid=1693473545&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=5890311092

Domain: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7701563183069211107

Domain: csync.smilewanted.com
URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/74485f29a0a06d89fb33c56a3b77d82fbafe4fc1150812ac2e938c45de65e941

Domain: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=3344371289

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=332&uid=962f2129-2d34-4a1b-b512-bb7864ca8d3d

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: hbx.media.net
URL: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

Domain: sync.admanmedia.com
URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=22

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0M1MkU0OUMtNzAwMS00QUYyLUFERjItNzQ2RDgxQzhDQzVB&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=318&uid=W9Y3kSPf3zDjD8Br4UTbVHWrb_yc8EOKvVr9LM5kuzg

Domain: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D2b34c09fd47afe4c%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw&gpic=UID%3D00000c92bae66683%3AT%3D1693473543%3ART%3D1693473543%3AS%3DALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7793296684248&version=m202307240101

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7793296684248&version=m202307240101&ct=77&x=13&cor=12631175449375121000

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=index

Domain: euexchangesync.digitaleast.mobi
URL: https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieIndex

Domain: cdn.indexww.com
URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZPBbCuTJErtVcC-hqMm01QAA%265267

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB6aH0wAnFMCHWgtdz7Ju14&google_cver=1

Domain: s.company-target.com
URL: https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=2079

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKVQ_AX-Ucp_iQOXcPJ7Gam08iDfqBt4YrqxyzSLBlerUwoRkx5SvyLE4lY-HpPDGeysF6EvqG9ZIanJsQ4ys9jyvtKLvK-5BKM-au52eavuU0XoCY2NchbNGv2kgHO7gaFoVfkFjpSWcS8_gv-NdSGepSAYFD41irMzlcwVc3zW081_U&cry=1&dbm_d=AKAmf-Dj5ay_hIr9s4CSAJCepAnEd1gTUw_ttrvNa5CFccO6q_wUs9PTfmSlwJpyYfYepH3Tg6f6zr2IsPGDaFCFComFfKprAmg-Ep4YTFm1_6bZCsGCLOekjYLJhpEvl20UZy7POG3gWctiNKUh8i5XtIg1UEjgAVMRwioVoVkOOI_g0wAOIGcSMOJc0sa6JQp0BCKkZpEJ22FgODLsJVAlLe--4QO91pqohkjgfKGhJ6_j9WmOE9kIWjLvWu5PO87na-bytqUweVQlYACm9DHteuzbSdCmjiSiYrYNxZsVkJXFHpO50hXB2PZW_DfgiKuwBKsBrSWafa6rDxzlo5Y36UpPb3p_B9BE2CYxIv-8BaofL8PbDpoelN28ZNDljiw68JG9WNh-eCP6xLw_dv00tP-lRVbCJRRjGfPemuC9vb-p8EJoTn3kxMjozA8NumSrLOLkxTd8JhwMWJ8Bec3z9oH6tvouHpF_106V1jwRxq-ai6N1sg17v235pPW9OT_73EunSYKXNkHCSg60XhdYkE62t_Qfygmq7OoBUyS7LGYOf003KwvWqD66r1OoQIoDjoGayJp58muPEltFJLggv8lLcrlZ8VBIOWeCfAHbycxVnpFi0Ziki0L-PayiE9FxTwcLv7e257Pro-IvKsxPDw4wmQ1TAUenWs7bpdOOSvRhvJqK8bzbZQRHfCvXf699gdKDx7D1LuXtcszlYwR3arPc7UADoQ6KArS8DYefx_RF4DtdMge5SQzsNDewzG5HNPE9-U4SL06y6eGjAieUaHWeCLq5s6htd6Pq3UQUYG_WTLhjCGgTmsv49q3njKxEjxuAeBwn0p0kZmtCOJW_6C_tScLczMTjcRnn57rCysFSobsGesAV8HMVbF7qzhiJEAmxTKnJ_2jsfgg9DLZFU5Bk2kSY7ztflWHPzfLhzkSpRA5mvHby4yK3h5CRYAAqJsNTfEDYR9-f7QsFktzipEALlvAIhpg3z-owjOHJdvx8JFfWTJyH4R3fVJEfOI9A5jhhG_ENH4lS1sIPEJDQA4Wjtveu6I8w3Cqa-keDdGdkz-5QzScZTkP5DgYuLpPe4oK4i_2XW5rAEoCMTQOG1l1QPNJIUpAvLMwaSw0ffc4T35rJ_nnK6Ddh0u1HxhwVkPGHCOn-8b2ZYZBH5G7sPHj-tr4umYiMu0KCQDjGhnO1xTCJQPe-xjCtbGzA4Km0Bpy751bawzUpb6znydVY06npLRKttdrczkIHvZBfglU8Z9UtMKvleQT-w9u_CZ_cxP1oG9ea8g30MHBMmcxoT2fWI82E3KjUr23INQqRxehzvBiZSoISNJZ3WawjNGcLCXBvE_dhz5l1yCaTZvAziaXMRVgrA2QJv3AXdmrUL4OWQ601wHNJsaYNURkOZb_9GmR_OSxguZecKrmydjo57L94EqzNz792Hn3v8EhDBVPIo0zEAwa-nAc5XlvmZcOpi-8jNWg8W8ZVqOWY-E7kU-7fzPIviVkY2sfjy1ehCuIA3PVYmkwjuH5P8peyKIRFs1TjZfapBSgV9oZqa95mtAVSYusB2Hg0T0Hz2IIwRDLVSL4PM6juY_NokrEZwgoaoDeyDDu31PLtShjlefKQf9lHC_6SwalFJ1Wxnt_cUBnqi1p1Ooj1oMPMa5LssK0_Is9nLEIRR0RIo6DZkyy5hhNCBG69D47ziYDsZwhhyh6HVvbHIWQhZXmjM3MxJOi3_MNqo8dLfQHoAIt5gduTeIzkbPgV233xVVkfvTQVs6v0ykFdoveBELubfj5-4WcSm8s5lqghoCM8_vyHLIP6KhaIEhwkoNTxD7xK8QkwLo1k2FTn9DTP1l-jNW38cNtY-tFqcE7FUQRV4vUeQsAzZpXFY6KtSiv6Zm9egrYHK1L1ZD6AJ6dnJTVX8l6ELLj7mDoqjsYmCKJrpZwhFsg-6dt0tkfUNZzeM1o1rKqVdhZ8LKt0tirJreO3zfFDMQtA21grD_2gUKNf2Emgn2Z6MUlCYyGdJRGW9KmA6zHyZl44SA2TQSJObaChJIF3RnILo21fsWyI_94Z1Qwov1Wpfo2VBK9LPkg78RKpZBHW6EJs59q9cnzwweqP5TmYG7d8USvesn8Q7e8DT86a-fYOdmK-ENuHvWoUNXRtelDUbinHoSOAdipGQGmFvTvm_0Mm-VsdZPcJMByoJTajuYiY40Gs7slCQ58FIlBqppHB3ZBcx4HBARK6PdqGBof3WxF5gGztGQUpOVFphoI9UmguGDeRsRAhMWAt1kmPWo9gzmK8Dem1PYQsHPh01slwpv9KZ8RldAJoU3SjSb3aFOUdBElGudPzUjqQB08Auo12cnpA7HrP3oDxXnlGsc_5Mgog9hR63-KBAbe77oMBJ-gDYN4k9Xz8YGr3ryZIJzteU7pKJeRdRV0Zlb4OudYPmnEKtyqZqwwliBifgiqtgI6Z7XNolgHgfURUuY61ANXlNVHhFI2xhIwFCo-h9W7l50nYa1S6ckMYeYHEkneJbI2Wdru-DOPhTaV0dk8CuiT39U_y57dMJiCRhbQFCZgPWEAklFqNeFkfmz3E3mi7DmRPb-y5uLiwmp5c7qoTFs5K_s8uCim4KmYfgbsL2VYkBU6VmWHxdBGgl5uaSSCeFLkfrQlKfIHd9KoaCTN6aN_VX5muJ94B5-VaaBPD2XwbIdiUzP7LGmluDiXCsHbehF7ehiFgOhe1g7gwOswjLxx4i7zA3vuNNIFg7P7uQzabyjQ3tKiB9_SPx8VDfZwxfcLGbPU17JQLIWOBZtyKbcc_jciv3XupiYRGpoE59iP_O1FCX8rI2kAmkVByc-hHuJGBpaViE1R6H8Y4qZWwVkQJuYRMw6n7m-alrzYOjCQn4ab4ZkdsIJvdtlF2YMct7ZuOMtl1Y1_ekK7BsIEBVyFO8PXagSQKozcU7lm0v_Kj6f1LKHhudIuP4gLMtwKufRL8r657J4ACcz-7FyPE4IY6xQ0tr9jNzKTmUvNK1U16Ze4dskZ28HkIWdG0zMCc3eSvNoR_DY3OZzTFLgEj00DnkO7Di3GyIqWzKzQAzoKfcM_H1r37LVWhRMxv682OH2OEhIKOnYgqkJ4TLZmAWV5BMGq4ifzQgzy4oGMPF4GzJS8HDA1ch0cPvrUtBJRPa7wL599HnXINynsh4KjoENItaTeCjmoP0sEh8a6pOd12qtvYfTxpjbQ_ZUFOhUxMA-LcHpi_QQ-tKarVouucXlH-NikqyirxlLBIIAs_khxXFWNYcOt_U9QYTloD9WG0VvejwcsWiKZdnb-kA5nYIhiqNL8bDbwE-39DakoS2WUIrtXmu8YW-R6Yt-dT5Q3LjRgDl7ogxHAKdM1WQFVN45IZHiBb13Ax3X5WsbwAHoPR0txeg-uurOyusFqsWKgDojItIgsHDXIBq4wpcRdGyCon4UmIDNpRUGRF8tiWvLwSotpgmw0_UGglsdyGSK06LfIkRKvbsnb1TmYg2YabiCW0pPvpgtGkH1f1EFYaZ0L_i3YcVa4OxLo9UlEscucwZiXW_N5-T_s8WxwSiSK8KEToXOrq-iur21pOpsL8sR6EBd5k9-6KT3yCEsEL_kRRPvaAy-NXIz4cxPMFwtEyi5qBsK-LkzPQyarfvz9TwD8m6aO5n9IqsmRbbA4mw_qiJa_UWwkhKNWQpckhW037y3YrFolXIoxlh-ZIaC9cisXtd7CCCkAE8tCUmgvXPSng0X7MWGnBz_kDNmTX7ie5fsx9cM2-9tMGETBjW5yke6-fyKlTLW0t9_NJ7mqUSLXim0AuhjsxT0OaHK5So38B7m30C_MA1l4_ov2bJ6JhyDkHHof54TliDp-4lAkKilwuBfPlGpfGu0WVBffOYwB0c-iWU2LwnUoteGFyQ75pEaH1alz7ck1oH37YeMxJCxfJXtQtoCD17rFWV457kPY-K5Fzc-sDFW3XHCXYhix7NP1MKpeQlpA6YG6v_URkFdC5khWSqUzTGMt_YzLsgYz7o1-dgFQa0EKd4qPMyBBbWAURNeIZhJXf9wMQwMB8FbYaV0v8N8u6BYWCTZFD5s6cxev17S5PheTQlNilMrfgZdy64YqshatgC37b&cid=CAQSOwBpAlJWLkBK6t6Xd-KbM4GmuvgXQaejLujx5V_uiFgyMff6ReMnnVNMqjdaWPMMcnbTFeG_BBun5zkGGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13969742996100684000&adk=1033480531&idt=3134&cac=0&dtd=3

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLYYEZYL-1M-52ND

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Domain: ad4m.at
URL: https://ad4m.at/r62eglto.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9128983778885&version=m202307240101

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9128983778885&version=m202307240101&ct=77&x=1&cor=12591009620922790000

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cg3yD61d9GREDkegaOerS8VkLPem6pTk690aGf-F9OCsWz_9NlH0wujq-N_6fkUz7jC5VfowH-sQcg0wUnSOwPfy0OrSfRd3vx9aRXmKp_SdLtZhG1HUsLj11GpUzzqI6hWTtxeoz_1k_pBau8v5vXZsP00hc_7ZOsuHOGmkIdnzR_cyo&cry=1&dbm_d=AKAmf-AyMDV6G73_VqdwTkF1a2IwvzDlCFtD7-WNxOj9Bksc8Jk9tD4gpyLyGuCyGMGRc1w27d06tmOFhPwiw4k48O4woDAp030Z6YNw4u4zGEdGsqVDFFn-nqBNiqIjipPZHSEwojbCYaijjFCoC5EVIxThdRweUkq5l4jesydybCLYUvR1r2sXhPbEwUz8PRF-yWZqXDyEWVJw7Jx33pbMruXdQnmRDe-8067WhdwbMI0pQRyWZBeAjlKwNJssi13BuZ9juZQsNnMHwMi2_K7t3By_OH5HwoKYMrR52pRdBqySqtsv-LJYAGRsnoMAsFVXL7X_e1D_6QkIOzEpqF_HPf3hKV1MCwVWH_5OitpfgetttTpf0o6ldAED5G2cMB_cBvFI8NedSYxh472rF47x05LkmOUBCoA-JbhBxmqURzS4_N-Z2P9yHSoghLeZRHb-6yxXUjpbY2XPuoTPsKijcqO70JiLdvCR9pj8eJFwUxpNXqKuiNd3lnt4l3WvFhJmHcVtzkv9UIAdXGm2lrEBpLmaro0riJ_Aywx-bhBwjbNysVtMFYJW6z0nmTuY3cz6eFOz3c7Wes_3fL0U7IhGyrMF4d3v8T9m9POlHJBOeCYimKS7nwGdw3R0w0s44lrixpunY07em3Rns14fYcrrsnjPzX_12aMkjq-__b1-ealEE44m3BmXO3-qh--8BzrJZ33fhPN_YI-fZHMn4svN1GQM_wXt2ZY1JlT1oIbo-LyZt6Y-XhVraCLHND4s0N3Y2wzUMvLjAapJ8FC7QpwBvdt3JdbooDYq9M6BNquK3BPjUosyl1vMQsY_DtBzMMbPFLLp71wBRpazDwTRwEnwhMuJxER7nV9Yk2cIynyT_3VyHrEKBq0WdWQKJDveHtqpyQUYLSsBgg5j0lOFtlVqw2LiW_DWRSRCVCJr8TTFpkoBcyFzdvRqb7qWC0RPojCVHZqsiF62wf-7SnF_-tXjz2G2bPYFO_ZNO8PToIiYhyFOhj9csyDO50P5VewNmy96fk0Zq9Yd7Z5eVABMYZF5eX2accsdbxRp0WlsgX4OPg33QIIDWglPVov6VX4ZMIxU9XqWH1uuvhB2JWWZnOCZuiowlupYXTlOumeHIOjBSdrR2saS_NAP50F32l6uUy5p6njp54KG211O_Qa9pjn1R-HU_g5XmtyDyeUZMnJkl3AhFlMOs951OJnLjS-lxDXQ_1QnoT-ry0bnmtVqtWtz9jpH2s3MUM_HXrp84r0Ybb3FnirJXtTvZSHpq3ZYtHA2sZwe11Gz-yEsLD8xrBnClnppi2n4STpd7MWenmBvGAZfEiDixSK_KyKHA981N-UwKJn05fnCOhDsM3QdjtB1EoYPVXSaXrXF2DxZ7f9PToGvxDqJK-sso9uAaljHH58DHx9lJojFEPTl0FDeEMIeJgNQJHPzYvlxzomUyRHF-s8VhgAlDSVh6tOpvTEsFjxGYMAi-hCAlMaqpVrW1bHDDb9u7qYXrIfD4hENrD3Q1CqGMuneBFHz8HMV6Oxwhz6y-0vRpXBpBo_doOWSLxO-wQJmw6Vs6oUsjgaecgajQGZjp2cxnXGuExmhJXxJ-fazrskF0x8BgECUwUuHznAZSzvUyr6XNcQV38YSJkwo-ECa9aJ-DY8AoTpLcC85uEibQ93zHMzPyxJK1zbOZhW_HCWGzN-6qXdqqJTYGqxVrEXjFWtgH0h2V_j-9PsC9YOvFVcx_uk03MYlpcdjJLyjHfD4TCVTOcNTsZaeEaPzFKEmbEGd4eucFiHHkIm8oPXX3dPWR5-6EPOAsEqOpcUV33uYhBe41mVWm98GVIkcpVE6MdH-fFtWmx44mRe_-fc5snWx3zUR0IO62zzpSIR0mfbRIKN8p8zmQ4glkBVt07H3tGbbjSEVokTB-V4UyZRD3vDSrliMC_AK0ZZ4G9QMcOvMfOmRpQ-ywLqXwZi5FFMgTEe67DPeX5RFyW-LxuX25NwodJky1P8zxsAKdg4_DfwLgyvCo1KZC5dZMr-MbneWpTxUe2MkaPgxoMFfSSviiIoso680wiHFbqnSBOVuQhtH53No_CqC00IbVNNO-qjVPC2LaineC9PcvTPce8oWL_izmVd22SK-9QYQ-8zgTHmt0fQq5jJufQOVI1yIXrzm7RZzAzV85bg_9Qn4QLwVHfTWCUqY_qaNy7HkhACxsfNvO-UNTfxI7ho7ugxi4DWpCOeA5YZCOTDXTOOZxXJB90-VMNHc6oDIULEXPdDbomrc40DMfSZbcmLl3CofaYqyEXGdyz2QtVrv06NEQk4dgDbDRs6LgnTkF2AJ0vpt3Km5kumEtQvg-WDc30evGXwz5YdAwjk9sqHPy8jdixGpVtbOry5WF-Oc--XObnzK6IiAGKOM2cT6GItTziuDWrr2XApf_PK06zV1BQSYkAuv_RDzTzMg19R7lroUgnGleIlh2QmKXzx21qWcBvIbHtnflFRjZ9b6PigAOOKUD4FCMVQxV-en0LLvqYhVl10OttnFSNe_qf3mJ5KtHATtCa5LfeStNaEaBSUd1SCcFblI2CSYPeIxEw31m1FxKDgHf8DjS1xgx0NvjzeG3SNQH1Atako3bBiivZbEDO5D2Pvt0ilAlbVzHGtH5M6IiZTFUpFH2QV_Dl7qSpc6RtKc3AImvpVR4FzZeHTLHGtSOQWZbK0j0jm8v-4E3a1XKRBIOBXs732VdYEKFCeTbo5Nk0Wx1_4_64lxVmkAvqqvLSwdpDK7o8hodAkHu0o_OckDuZK8jWVmqASxJfn0AVXaXw6-tH6HbFgNRsukfd2mlDRasu-loY8eu__Jya3iRtp9dbYnvVIATcgD3OTDkxw7rRLml8CFjudQzt1p_CyoaenzNaw61dSTT0WRrFaRQZo7DWy22baKIVwfnxnQTY-3E_buj1Nu7fzl43tsMrnP4yCzMLEzAWWolRyrRQreKMx1pfx91uSMlP-LLoeXZRjLdKo0drbyJBDmffLIXk5oFW_oN46mxxhIPgbVak-ghpMQ-Pt67kyRsFPiM4sUVm3VoQczubAFHjXGkeJGCzCmBDl8GtGzLHPeY0bA6KhivOhyT8u5tkoLlj7-U3DS1aCQwPduj3D31AhAUGiL2YAI8ainzRWJW87zci6T6JHmuLkLQnN4rqoetSvP30aFiwCjpRel5Fv-1TnO4bkwY_m3qiQ9YzGEKkw_oqAV_N9Gvg9rUoOUdHJX1SRHhFAdVomuNceNnGjk4tgnXTNJp2-6bN8ddROR56yDgeRrCjet8k8VDFPaPfQ_Xduv8ILm2aDeo-qI-XVBQmEWXTycNPYJbvq01yvUZVPFzAWKeIFVyKpfFBx2h7ZABd2whKyE3lgHWwuVPy0Hm_XVo6Q12MD7pATVgiT7NsZ-7F4Wi_wh_RTpCrzWp9r5dGrMAssHrJ60GbH1qZANvIdcqNVcFTlW1rhK_W2Ly7l4vbt3g5-A3ZSv_A3dGL_l1EltLYjdtChfQkCunwCP5k1rjZSFZQ9r_wrB5Ly7kPJkBDDBZqOn3mShOJwRZI2l9_LyOcMFL0nVWGGqtHNjF6i0KTd62HVzTi6Mko-83eotxbLmIXuVu0R4aaXVRdZ8t9aAaRUlAb_6gZwoVVfVFpFptiKGrvnK37mjwAtZR0RJmrIBH4ZWZvFopTFb1hmYJbN_KsvylRvJoEEd_sOtliXbt_NmZOYGfE34Po-jc4xA-1uwGTszc2XVtLPFPur-lvDeq87KWIqrF86oEQ9jHocEEqBd3F_aV56ApXzJcCIShKwbgmz2O1DRySgWpfGnUw&cid=CAQSOwBpAlJWVMgE33HqI-QAsxY6lj6wcP34vyQTPGZheoFEgeLbUHipxTV5chK8clBBp9h43IYNlEZo6lo6GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=12591009620922790000&adk=3676778483&idt=1065&cac=0&dtd=12

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXXKHHGY6ezN6Y8FeKAdLgHmwA2WYI_ztWwf9ca1ZgJsZA94x-3ZeyFPv9dtlUtc6FI2golamuJSsCfN5J6ewzcSyHf0A

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57afbc95-8181-4170-b58f-c1574095ffda&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_57afbc95-8181-4170-b58f-c1574095ffda&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=309&uid=e_57afbc95-8181-4170-b58f-c1574095ffda

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=317&uid=703044000334508005&gdpr=0&gdpr_consent=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent=

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20766506&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=352&uid=yd5htrMzCp_s

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2FmYmM5NS04MTgxLTQxNzAtYjU4Zi1jMTU3NDA5NWZmZGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_57afbc95-8181-4170-b58f-c1574095ffda&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=gumgum

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/casale

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPBbClK7t3ZOzQgsQRrUawAADK8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPBbClK7t3ZOzQgsQRrUawAADK8AAAAB&gpp=&gpp_sid=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/casale/ZPBbClK7t3ZOzQgsQRrUawAADK8AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Domain: pm.w55c.net
URL: https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_

Domain: euexchangesync.digitaleast.mobi
URL: https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d

Domain: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZPBbClK7t3ZOzQgsQRrUawAA%263247=&gpp=&gpp_sid=

Domain: ad4m.at
URL: https://ad4m.at/rs

Domain: ad4m.at
URL: https://ad4m.at/rs

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 23:10:09	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dbd741f77-2588-4ad3-8a94-a65d0ebcaf2c-tuctbe9e071
.aralego.com/	1970-01-20 23:10:09	Name: sspid Value: 988e88a8-d7e7-3a21-b705-a6e3ce35ff95
www.bg3.co/	1970-01-20 14:24:35	Name: __AP_SESSION__ Value: 49db1b8c-e710-45f3-a413-676d700f46ae
.yahoo.com/	1970-01-20 23:10:31	Name: A3 Value: d=AQABBP1a8GQCEFs5qwtCZi9DvJpvwiOkhdAFEgEBAQGs8WT6ZAAAAAAA_eMAAA&S=AQAAAnEUvAGAdKl9mixyUlnEVoY
.doubleclick.net/	1970-01-21 00:00:33	Name: IDE Value: AHWqTUlhj6CwWYgy0E_OfwMNeIvMEIKodMVKBlH7ACpFKjf_-OLY_t5FqTXsxWxOyV8
.rubiconproject.com/	1970-01-20 23:10:09	Name: khaos Value: LLYYEZYL-1M-52ND
.amazon-adsystem.com/	1970-01-21 00:00:33	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:32:43	Name: ad-id Value: AzOB1l3usEsHqqt040B75gg
.linkedin.com/	1970-01-20 23:10:09	Name: bcookie Value: "v=2&8e135669-eb18-4dce-8be8-42b3815bd509"
.linkedin.com/	1970-01-20 18:43:45	Name: li_gc Value: MTswOzE2OTM0NzM1MzQ7MjswMjFMtePCdXU41guJF2oUxQruarrfFpJC5uiaInUhZZaHrQ==
.linkedin.com/	1970-01-20 14:25:59	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3073:u=1:x=1:i=1693473534:t=1693559934:v=2:sig=AQF8cHinhD1xgbZROI75tlgLXgQ0Q6Hr"
.aralego.com/	1970-01-20 23:10:09	Name: euconsent-v2 Value:
www.bg3.co/	1970-01-20 15:07:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bg3.co/	1970-01-20 15:07:45	Name: _pubcid Value: adb9a9ed-59d9-4073-853a-4b04ee45ff19
.prebid.a-mo.net/	1970-01-20 23:10:09	Name: __amc Value: 1_1693473540_1693473540
.omnitagjs.com/	1970-01-20 15:07:45	Name: ayl_visitor Value: da0a84004f79e4fcc662c6ac2d98a1be
.teads.tv/	1970-01-20 23:08:43	Name: tt_viewer Value: 86359dfd-db3d-4a3a-bc1d-c3552bf240ce
www.clarity.ms/	1970-01-20 23:10:09	Name: CLID Value: ce6a17488a604987ae1b149718084e58.20230831.20240830
.bg3.co/	1970-01-20 23:46:09	Name: __gads Value: ID=2b34c09fd47afe4c:T=1693473543:RT=1693473543:S=ALNI_MYKEvFdOvTw3hGxsaIAXQr6OZhfIw
.bg3.co/	1970-01-20 23:46:09	Name: __gpi Value: UID=00000c92bae66683:T=1693473543:RT=1693473543:S=ALNI_MYecYbrRaECxfwlr9lfrmSXrdqbWg
.bg3.co/	1970-01-21 00:00:33	Name: _ga Value: GA1.1.373335609.1693473543
.bg3.co/	1970-01-21 00:00:33	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1693473544.1.0.1693473544.0.0.0
www.bg3.co/	1970-01-20 15:07:45	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-31T09%3A19%3A04%22%7D
.adnxs.com/	1970-01-20 16:34:09	Name: uuid2 Value: 1110900752246686789
.openx.net/	1970-01-20 23:10:09	Name: i Value: 881c5171-2720-0f26-0870-3303305418e5\|1693473546
ads.smartstream.tv/	1970-01-20 23:10:09	Name: DID Value: 0927f3556f4f35dfed047e2668d29b83
ads.smartstream.tv/	1970-01-20 23:10:09	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 23:10:09	Name: permanent Value: 1
.openx.net/	1970-01-20 14:46:09	Name: pd Value: v2\|1693473546\|gen0vNvQiygu
.quantserve.com/	1970-01-20 16:34:09	Name: d Value: EMgBDAHrKYqsMA
.quantserve.com/	1970-01-20 23:54:47	Name: mc Value: 64f05b0a-ee6a9-7e5e3-3a2e3
.servenobid.com/	1970-01-20 14:34:38	Name: pid_337 Value: y-A6p9lulE2uF6DhSElzipkhT4xrjE31MbSoxRbXA-~A
.servenobid.com/	1970-01-20 14:34:38	Name: pid_312 Value: 1110900752246686789
.onetag-sys.com/	1970-01-20 23:54:20	Name: OTP Value: HIwezhzev1hxOLl3RHnzKFfmqi1QE5HNkIZLhMHAODA
.1rx.io/	1970-01-20 23:10:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8504a1c1-379d-4872-b763-5584643003ea-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.smilewanted.com/	1970-01-20 23:10:30	Name: sw_user_params_infos Value: Rz0KJt%2FRpSiuhFs%2FPziire58KeTk8CiLRsq0YXfdjVU5uTwLRzMzWG6wWoyWx7zWliUm64nz%2BzkyET4%2FTGHBxT9Rd9J7yq3dLEao0gqC%2Fi0o42MxlJzsEHRqXCBdBOadF13mt3A%2BZBhXOxwCva%2FhE8soX0bRWdB0myokkeMl8qeI9vZazbaJGD9LLRFMMgCy0aK4A5bzTITdC7T9LE9IUn1GqQINugmFM7E3rBRE72GRFtcuKaEiW%2B2RxUuBLsM5
.smartadserver.com/	1970-01-20 23:54:47	Name: pid Value: 5488853778262683603
.analytics.yahoo.com/	1970-01-20 23:10:09	Name: IDSYNC Value: "196n~2dnl:194o~2dnl"
.pubmatic.com/	1970-01-20 14:25:59	Name: KTPCACOOKIE Value: YES
.rubiconproject.com/	1970-01-20 23:10:09	Name: audit Value: 1\|hm5+3M8h73+ycVJH6D0Tt8XkVJHcOYe/qJw5gIf1KLzf5eYvdBgGdhCEHo8QzudHb0yoIyK5lc3qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.casalemedia.com/	1970-01-20 23:10:09	Name: CMID Value: ZPBbClK7t3ZOzQgsQRrUawAA
.casalemedia.com/	1970-01-20 16:34:09	Name: CMPS Value: 3247
.casalemedia.com/	1970-01-20 16:34:09	Name: CMPRO Value: 3247
.us.ck-ie.com/	1970-01-20 14:34:38	Name: CID Value: 35a9e34a677aa1bf1dcdaea0b524d3be021aeda2

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/8cc3a45c930fccf2793bd77569a59aeb.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/e1e78300f57875ba2a5f29b640d0f232.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0d4e1f637449c9d65ea8e1d409c1759a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202111/839410b212d1f93ec3a336b6315565c5.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a73c60d30679b99c147373354205f7ec.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/284a819f82851f791b23e3bd7a5acd2f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/8374bc0a0fa58eb329f967fb245a4ba3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/745e3fb7055efccd4e4eb6fd3da4cedd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/4322a704218626eb902c84ef43eab2d1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/67ab0136dd680e9e5040eb662d15a28c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/528fbee0dbfc6071b505660675b78c9e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8618be86cc5ca60deb2ac6bd5c93fd14.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3bcc37d1b43783c4b56db91ed0990370.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b3ae9470a29e08249ac1109275cb7f23.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a5e3dac05d9a2cbe0ccccfd09560b0d1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/afe874d9ae92480a6703ebe585c32b8b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/fe41fb9302358a058cadeeddafef5970.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/11acb8fade9b54e39cec1c3df3d492fc.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvbWVuZy13ZWktZXItemhvbmctamktc2ktamktZGVuZy1iYW4tbGluLXl1ZS1waW5nLXhpYW4tcWlhbmctamluLXRpYW4tZmVuZy13YW5nLXphaS10aWFvLXpoYW4tcXVhbi1uaWFuLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://rtb.openx.net/openrtbb/prebidjs Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://rtb.openx.net/openrtbb/prebidjs Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a5152.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
am-match.taboola.com
am-vid-events.taboola.com
amp.analytics-debugger.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c71d37e279d813295d127a903ee7afd8.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.smilewanted.com
d-21189372231412333876.ampproject.net
delivery.adrecover.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fe223a3fa65cffa7fc216fdad341cd67.safeframe.googlesyndication.com
ff86eda8cf72d09bf62aac5b11ccd0e7.safeframe.googlesyndication.com
fonts.googleapis.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
oa.openxcdn.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.tidaltv.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a5152.casalemedia.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.unibotscdn.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
csync.smilewanted.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
euexchangesync.digitaleast.mobi
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
oa.openxcdn.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssp.disqus.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.admanmedia.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.clarity.ms
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
103.231.174.251
104.16.88.20
104.18.39.155
104.26.11.209
13.107.213.60
13.107.42.14
13.32.99.50
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.130
142.250.186.130
142.250.186.138
142.250.186.161
142.250.186.42
142.250.186.97
142.250.186.98
147.75.84.158
15.197.193.217
151.101.129.44
151.101.65.44
162.210.196.208
169.150.247.36
172.217.16.193
172.217.16.195
172.217.16.196
172.217.18.104
172.64.102.25
172.64.149.180
172.67.10.198
172.67.71.254
178.250.7.10
178.250.7.13
18.159.76.58
185.106.33.48
185.255.84.150
185.29.132.241
185.64.190.79
185.80.39.216
185.86.138.153
185.86.138.155
2.16.238.17
209.54.182.161
216.52.2.16
216.58.212.130
23.218.209.56
23.218.210.30
23.35.236.188
23.35.236.201
23.49.31.203
23.50.131.70
23.97.225.52
3.233.146.67
3.73.155.121
3.75.62.37
34.107.148.139
34.98.64.218
35.157.76.61
35.227.252.103
35.244.174.68
37.157.3.20
37.252.171.149
44.193.104.224
51.38.120.206
52.211.254.183
52.51.73.145
52.59.55.175
54.171.4.14
67.220.226.233
69.16.175.10
69.173.144.137
69.173.144.139
69.173.144.165
76.223.111.18
77.245.57.72
8.2.108.175
91.228.74.244
95.101.148.20
95.101.54.233
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0145343f785d8e0f2347a5e8dc6db6a6e3fb421be5a1da5cdb09892ea4dab942
03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
089193c5def6ea660c36eb5facb28fab307bd87dba4dce136ed049ca16a0012d
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b33f89610cacd7b17f7b6c16429d0505babf974a31f0a2d6ea8b5b155a06839
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d65cc74893d397908ad09161a3e9f5d716cc4b13d7706b056d0298912958256
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1586d3e5fb8201f5a837561396c86effd95693155eb9bd2ea84746c2f6ab5d66
1711b130e81bf66aa0781b7799fdf8bf13458ab01aac68368d4815581c158c97
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1fe72ac12934187ba4ae8090a861fcc160c3fe0badcd70735c9067117da7b2fb
20572329ec42b7f03e9731f0fbc9e45855db05527318f5b5c7d75ba18b04071f
25d1b9e388b15132d728417cebe03a814f5b279a5d9a86bcc929ba43869d1f6f
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26337b0ad1b1543caff1a56097abc7dcd2784e8319c5232ceac4a608adab1e1c
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2741a9e2ed5bef8e4aebb8ae1767fca6902f8c7baab05a2c7119c2fb42479d38
278406806e3d6a685b7dac3de1803f49436036df9a554941230e761cacb7ff2b
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
30df5452099ba89a1d482e1bf5ec270b2ef9e9852a6a6e23cc69e9ace0fc2be5
3104f2999c906302457fed73c67b857b108ef3aff79920720122ad435994db74
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
3652b3f625e83250b93bee91eb474f1a6dbee1d2c8519331ab48f42e72c1c750
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
377031c455f8045077982eb9ed6e1ab38d22dad6b7e31a1e7e7eaea0d177aa29
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44
38256684e4b933c4be91510ff4e2dc2684db9d87672ebca41cfc643476e44925
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6edd4ba91520b126f5baa9222c8fda8d08ba4c65659d50b2ab4ecd8aa310e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d8de01595aa6326c6f86dc2006108c4c83f441d553293064491a73ddd95d2c1
4d9a0517cb61fc72ab1f736d7d9e70edd9664a5f01a3bfdf20dbdfc53b9588b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56f21526a59690214e359621dcae86126d154d27d33c8b1644af2a78c45f12bd
57e8066598173ba24d95990c567552df53ad7ac5bd0fa1b0b77f34c01a18aca7
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67969e81d73084e8b59350139fd5c3c7116718e978c30c73aacfd0a0b2c1d301
68ee52ae7b3d20de9a27d768256641866d450ec7c6d4dedc54a0efd7f2c957e5
69fe41c791cb7e9d0c0302fb9b341216ffb4915ed08ee5ac15831731f71e1bfa
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
700398807e34023d67ccd866d532b650e00a456f43e8aed5a052a3a512800594
70f067358a51ef0da52680706e94b7cd6664860dee7b11c1b5a22d9080de8289
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78533426bec4ef502ec4a64ad70e199d063450271f55643de9c7252ce4ccab9c
78b1fdd347ffe6ebfb7879e01645c458583fa8a74a15533822bb76c51454c119
793e9341a3c42ee4016974d4b91101b42c8834a5532c0a2f5f61b6cfe6acffcc
7a49046f36bdc6d5ac72f61dd03d0f50c43e2587a5e20b55a5d821bc2e8bed4b
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
81f5c6e1abf8d3d9a30e2ae804208b24e57fa5de96856eb8a9b8f61312e9f914
8268abf9898fd4eafea5a954babaa1771f51b1ffac7c96f507cf47359fe20102
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8382752dea1b971983eeee3c2d2059c386b0450cf813ae0b54227303c95d7213
83a0cbe9d9d581d9528450736999a2aeac3dbc83ac7ae9d3d5ed0d4a1b2da611
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c259533ec47744d95ce3323001c1bd3dad5317528f875c73eac53352d0fe85
9139e8b1528aefa936b8da179811e414eea46b90344c63f96705ea90103d703b
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
941a162b6b1fc1f22dee6710e5e6a801b30c94dd05c89df0d4fe1d5d2d64592a
96df991cd01e45c69647b1631217419decb417c3949037b76c96df443276a07e
990d600194e6659456d392416e921c0ef77b1f792d62e6705d4fe258c8a95375
9c903998f98922c65b42efe9f5b3daf281a94ffd5c8633ab1d49001cdb11cce4
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9ed8d22b40d30ca76771d14a739c9ef4028fced22e2391f49f6ba43e6851cd79
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
a331008b5c48a765021d8719974756979333876f5efc9a7a65d9589bf9a564ab
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
a98278eee18a1c55f00d62132063c0e52b948a725f502877160d5d15b2b46a57
aad554e0e63664eff8feadcbf4df49f1395f2384b39124565a7d5dbf1707a0c6
abfec734afd0878ea18f70b04db5c601612da43ecb3d70b537d7d9082631a377
ad21b5e68c45279b8ddc343c223f3e69e6fb03b45ad70f7f1f67a350ccf905fe
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
addb754cc9aaeec8e1ff734b6dcf7a6f70f33f6e4af945297f4d9b96143dc892
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986
b0f3c78774951e4d0cf8123286c72c1446edf839405542bf5b4bd5a00820f702
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15fd2698909f021faee07724e65ecf469015600042587c3183e0dafe0e759cd
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bac7a50e6167df42be920266be012c292fb308da3e4afa9a5e22b389ec403a5c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c8645f41116997c8bf77985ee10ffaaf515c3ca99c4bec5e115f66813cfdeb6d
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e
cabd95e9c7b16f60a9faa683088a5e20ae86467859920e87057fae02d0a30836
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
d1521a7ff195d7ae07764fabbb7331529047213a760c276b5c9eaf611f31c2e7
d5b6e720c97545e44ecdffedb536648d55054637f814638246f3a455e3a36eaa
db828dbc452816b9dd38203778226d9defe12187d98d0148928005dcabb14d87
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
df65cadd4452d3c90851c111d9b58a14405bd274e09db53c8becc63ee40289d0
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e361396300428cd3c7d4f259de28cd0c1b706d3fcd6a5e484efaf51a51fb87f0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73480c41823ecca06aea8b2a538d9ca5baf42b598533bdc5ad9123ddf3c0169
e7474f7b2bcea09001fc2c44bcd872eab0c45d2d3a12a927af0df4523fb48554
e74c732b00eae493621cd75b24905addd39435b2668c69c662e6666a98279dc6
e79e61d32a80f696ccdaeadc794f2f7bf13163d3d624f1496a86d1933e109fdc
ea1ccd556baaf93dd1ee9f13e1e6248853fdd33dc82a0415f682b57ef1b61d56
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef59974d981107d4742ec62c18eb7398996371d7cc8812cb1cc3dd4ebf3a0313
ef7e0e0f5607be19e1435d5c2a116506def82a9e801a9eb4ebc6b6b6d97202cf
f052a9a5963bfadca448a34f04e1e607b43fc84993033b8467507108476d7069
f41e3d36c7e6b7a675503212266d0fd322c783f72f3daf64c6ceb4e50b444e29
f49ac5f2839705797a719015b7081bc80a67faaf50be2991816fc360ab844457
f4a03831bf6e089b4305045c2ea86d52bf2a149a44c77b3b57a87cc427ca9654
f65d74d48304310353ee38d26c82aa0bb4486ad4c9fad45c8936ffd3f2a3cb35
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7625573c83d7135aaab11d87001a0097fadd3432a63813dc07e37a3ec8e9e9c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

479 Requests

66 %HTTPS

0 %IPv6

83 Domains

140 Subdomains

78 IPs

10 Countries

4283 kBTransfer

12324 kBSize

44 Cookies

29 Outgoing links

Redirected requests

479 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

479
Requests

66 %
HTTPS

0 %
IPv6

83
Domains

140
Subdomains

78
IPs

10
Countries

4283 kB
Transfer

12324 kB
Size

44
Cookies

479 HTTP transactions
0 data transactions