www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://www.lecker.de/schnelle-vegetarische-gerichte-30-minuten-fertig-51981.html
Title: Lecker.de

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://intouch.wunderweib.de/charlene-von-monaco-ihre-verwandlung-von-frueher-bis-heute-113992.html
Title: InTouch

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://www.lecker.de/schnelle-low-carb-rezepte-20-minuten-fertig-68113.html
Title: Lecker.de

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&ri=aabcf1aefa47e5c0af3e6e49cfbeb7a2&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&it=text&ii=~~V1~~-3817639421150153926~~XoCb5VC6S8jmQTzT6pXwEoOsS-sUrg41Gynb3QmInOse79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfERdu5LyORBfSdS6HBzWzQ3BhJHgXWV4OuY-0ToxFss_Qduf2w6go7zdIO7EDypQ9LmanRa8F34mo1Vlf7kRxXBRQh2D2cEFoulXreODML14o2q2cNWZ8qU8Pfnjl1rReo6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=4eef6372a81e4ab5c0af3149bfc221246a5bbcb8c0de&redir=https%3A%2F%2Fwww.lecker.de%2Fschnelle-low-carb-rezepte-20-minuten-fertig-68113.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D10919013%26utm_term%3D3006213076%26utm_content%3Dbg3.co%23tblciGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSDjmkYoq6vD8_WMr6ypAQ&vi=1700633424167&p=bauerxcelmediadeutschlandkg-leckerde-sc&r=44&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ppb=CMAH&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDExNziAgrKaBUCy0A1IzogQUMOz3QNY____________AWMI0DcQjlMYMGRjCPkhEJIuGAJkYwiiNRDiRhgyZGMI3v__________ARDe__________8BGCJkYwj-FhCKIBgTZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI7wMQ5GsYCWRjCP9GEI1mGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB6OKarb8x&cta=true
Title: Weiterlesen

URL: https://1ls8wt.snzgdl.com/
Title: Prostatakrebs | Gesponsorte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&ri=637d0328a64d7dc6417bd84ed5354d51&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&it=text&ii=~~V1~~9192930712548313141~~KKP3VyYwQOQkm2YnNS4tXmGQmVQ_O4ZvUxDHSfA0h6x9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15zH2LMBnfpLD52kTWTfrWMGyY8m_OuVBytqU70QOUx8im6c-n9v_EKnUJWUIcRxLTSbimV-6yschCjtw5R4sevUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=95e228e06e6309f909a510aaea5a14033b2c3495eadd&redir=https%3A%2F%2F1ls8wt.snzgdl.com%3Fsubid1%3D30055904%26subid2%3D3861430388%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVso68v4-fGJi_QV%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DAnzeichen%2Bvon%2BProstatakrebs%2B%257C%2BViele%2Bw%25C3%25BCnschten%252C%2Bsie%2Bw%25C3%25BCssten%2Bes%2Bfr%25C3%25BCher%26click_id%3DGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVso68v4-fGJi_QV%26dpco%3D1%23tblciGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVso68v4-fGJi_QV&vi=1700633424167&p=search-prostatecancer-sc&r=42&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ppb=CIIH&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDExNziAgrKaBUCy0A1IzogQUMOz3QNY____________AWMI0DcQjlMYMGRjCPkhEJIuGAJkYwiiNRDiRhgyZGMI3v__________ARDe__________8BGCJkYwj-FhCKIBgTZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI7wMQ5GsYCWRjCP9GEI1mGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB6OKarb8x&cta=true
Title: Jetzt Suchen

URL: https://trck.tracking505.com/ee29c085-7344-4d17-9110-dc7a6aa20d21
Title: Pergola | Suchanzeigen

URL: https://www.tipps-zum-reisen.de/travel/urlaub/inspirierend-diese-25-europaeischen-straende-sind-instagramsieger/2/
Title: Tipps-zum-Reisen.de

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&ri=826f9c60a09a40214ac6e69dd09df4f4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&it=text&ii=~~V1~~9192930712548313141~~KKP3VyYwQOQkm2YnNS4tXmGQmVQ_O4ZvUxDHSfA0h6x9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXzll8U7U8fxWpPkiBRjEp7GGyY8m_OuVBytqU70QOUx8im6c-n9v_EKnUJWUIcRxLTSbimV-6yschCjtw5R4sevUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=70733ec3d11d641134de589e3892453aff2286ac16c5&redir=https%3A%2F%2F1ls8wt.snzgdl.com%3Fsubid1%3D30055904%26subid2%3D3861430388%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVsogq_b49iv0KXiAQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DAnzeichen%2Bvon%2BProstatakrebs%2B%257C%2BViele%2Bw%25C3%25BCnschten%252C%2Bsie%2Bw%25C3%25BCssten%2Bes%2Bfr%25C3%25BCher%26click_id%3DGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVsogq_b49iv0KXiAQ%26dpco%3D1%23tblciGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSCbhVsogq_b49iv0KXiAQ&vi=1700633424167&p=search-prostatecancer-sc&r=45&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ppb=CKYG&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDExNziAgrKaBUCy0A1IzogQUMOz3QNY____________AWMI0DcQjlMYMGRjCPkhEJIuGAJkYwiiNRDiRhgyZGMI3v__________ARDe__________8BGCJkYwj-FhCKIBgTZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI7wMQ5GsYCWRjCP9GEI1mGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB6OKarb8x&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&ri=e203d965c27cbd325ae6e56d42e4659c&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&it=text&ii=~~V1~~-3817639421150153926~~XoCb5VC6S8jmQTzT6pXwEoOsS-sUrg41Gynb3QmInOse79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfEu7an8VqkvnxTtX7NBUjMzBhJHgXWV4OuY-0ToxFss_Qduf2w6go7zdIO7EDypQ9LmanRa8F34mo1Vlf7kRxXBRQh2D2cEFoulXreODML14o2q2cNWZ8qU8Pfnjl1rReo6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=25f08324ac659efcd6bf74e7e3dd2cb95f6edfc9aed2&redir=https%3A%2F%2Fwww.lecker.de%2Fschnelle-low-carb-rezepte-20-minuten-fertig-68113.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D10919013%26utm_term%3D3006213076%26utm_content%3Dbg3.co%23tblciGiC6pyeGoKUSh2gLoPShYn1F8qGp-01qltc-5ACeUK-ZQSDjmkYohKOYz7jSmNemAQ&vi=1700633424167&p=bauerxcelmediadeutschlandkg-leckerde-sc&r=96&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ppb=CNkF&cpb=EhIyMDIzMTEyMS03LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDExNziAgrKaBUCy0A1IzogQUMOz3QNY____________AWMI0DcQjlMYMGRjCPkhEJIuGAJkYwiiNRDiRhgyZGMI3v__________ARDe__________8BGCJkYwj-FhCKIBgTZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwiWFBCaHBgYZGMI7wMQ5GsYCWRjCP9GEI1mGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB6OKarb8x&cta=true
Title: Weiterlesen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 107

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP9D8EUI-1L-I09C HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP9D8EUI-1L-I09C

Request Chain 157

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA5RDhFVUktMUwtSTA5Qw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMScRCAzToNtiYw69mRovwM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5RDhFVUktMUwtSTA5Qw==&google_push=

Request Chain 158

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rYeBgTo4R5WswIqRB614iA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rYeBgTo4R5WswIqRB614iA

Request Chain 159

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9D8EUI-1L-I09C

Request Chain 160

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/rhOTwwI2SUZvDsEKlRmQ6sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ues.dPFE2oKPGbTUbCs0Cu5lgdF5h2Ssv0vz2w--~A

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LP9D8EUI-1L-I09C&ex=d-rubiconproject.com&status=ok

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIHzB8oThY6rLiHZSgmUG7A&google_cver=1

Request Chain 164

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlZDM0NTRlODE3NmI3YjYwZjFiMTY0MWVhOWM0NTFjZjBjYWI0Ng

Request Chain 165

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zXXHjlfyQeCt92Q8OwKOtw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zXXHjlfyQeCt92Q8OwKOtw

Request Chain 166

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADZIE7KuzcAABRFlWJFxA&expires=30

Request Chain 167

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LP9D8EUI-1L-I09C

Request Chain 168

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5488124a-7e58-4c4b-8e68-4599c4a8104e&expires=30

Request Chain 169

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9D8EUI-1L-I09C

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 172

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LP9D8EUI-1L-I09C

Request Chain 195

https://ghent-aws-fr.bidswitch.net/imp/0.412638/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30_Qrtbdata_R5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN__1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S__lJSQyaQwbEd55NJH88cEQbvbtvOTMy__pbEs____98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ__Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/OdPYx0yJoVq-Ig4NFApsUujjnSroE8Nfc34oC6czYQ2xKLttgvEELau_PVhORYfqdpazn1u5KviTMRVaglPdQ_giB7mjxlNBFicDcyUPQOOSAzA15EoXN0Wou_rKp291XC75oReHro2v_TLIKiRcnnOGS9u6qM2_nNT6_6op9fJVqHqWgDs6Y4vCNkyecGx6dzIcr1nBmYqgzsEvKvcYMQr8JKIeqSAhS6eJqP19yKaSqwRc2fc5pGTOHTG2pSCpR_kdzH2g7CTDvv6bk0p0QkNp0njmC0cm3AUOD7g1ShKYAu8jsO0MQqE8P7Ace-o7turLPxRW8NtaiRPj453pJwKRGmwn5K7wKwPKC1DxJ7D0ONjw1lxNwGsgGtOpLoqWWiKlbGzpjqk9_GhL0hSa_HzWQ4WKELhg0K6TiwDTmLwS9PJeYBmiUoCQ1IpInmxKM1bRaJb7qf3Tsfxjv4FiObdxruXK9fAkD9AA3iJCPdqDccS_Pv9k8PAgi9aQCpthRySflBmM2mjmKqAGnoJfOlmd1Y4eJSLaAb9F99wQs5F8qMXdv1FxTXjqUNfMC9NNUA4nXVkiVmvEML5RPzMu5Eb2U888nfCh4nrp4DZLzo3muNgLYwobjVbs2GEig-6VSUNu46u7OLL9MYFN3ArBU3pbwy88Vbbb2t5eKRaCvV-RxxKUOO_a2GiWmCX5tc6uYHmQe5irCy6yRqz4SNMRtQurRRn5NYHkhpv3VrnEdZ1eItlZrmLld4xEEqxOIUhJOZnhXb5ue641TrbDHNUhICte9Pd9-HEZdBhj6Xx7fwqa9swlYNFsEfFQgux6oZWKsb8T0-AvcI6eIijDcD5bkS2dqBTemn5DXO8umJBStPp0ix_IlZn8QUQf2FnKFBSBv4jE9hA33aJF-1kqTJTFJU6eyAcsw60WfiRoW0-S8wWDSfNhI4wexdJTu04jTjQ2e4j6Z-E8lcFTf20N8AZE3toolq6WqMlk_aakpUAZ25J1kjmvOTkk9-NV3fomRWAxNHjqaurO1UVeEDFPYm1IWPJvYXMmZGZsWOCvL0VQa1YfCH7r-v77n8G6sezma19Bk9_X7tee1satStgsbTWGDwwoOoSPpw5hrQfzWW7L8HsszMYx8aOfMXNly_I49qOWKko48Kqhetd-jfOZbs_lIrVnA5N2-GozM8nrlvpg-jmSEEqAyEH1VnoyktQHtdY-oAaNK492mq-qehkeZfyqiiugWkI8cDYhAqIYmTOloEMyq8sVO8OObMF9I2ddn_gML3vdCItbzwITHxU_TIHeaqrODr0J45-Osi9vLdpJg7wBK6kJxdtmhcIFSqcY1e4AyXC-3QNWzGrG4nf8IqKTidlywivt3oVwSwkQR4BaNOThekP4JnTh9HZxhW0k95Sa4wBk1BTAVRvVO6Pe5rE3GyI8jRDQr9N7mj7_KQeHgUXs0aIpbzm-3z6wXU3v3DmWLP28siU5g0IKhbjVzqKuoDt37WbNCGxUYbsIYui8WiNyd93Z1ROQBmDaefYyJyifAevnHquzusN3PR0bFyF_A8vNvr26WDMs86FSNO2nTaVN9eCyPDYWf1tIAA2GxYbWJQJ74_1mjR2ZrmDTVDu5LdLKOlXdTL2T9nZ2w3PLQZT2zSeWQu42XS83g2iHrx_vjAW2Wk3wCP21REGIrnzEf50Qc8ecX74OGtf8Sa-0Sj-HCXZiPozWOTMkHxpX1Redbmdi2Zr3NbS5Ib5po69AfxXiSVF1R8Sfo4etsdCT_VRubUFZCw7IJ5ben6geIJnoyRNdvO8/$%7BCLICK_URL_ENC%7D HTTP 302
https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.41263-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30;rtbdata=5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN_1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S_lJSQyaQwbEd55NJH88cEQbvbtvOTMy_pbEs__98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ_Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Request Chain 196

https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=70&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=onetag&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=702967506440777401&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=&gdpr_consent=&us_privacy=

Request Chain 200

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LP9D8EUI-1L-I09C&gdpr=0

Request Chain 201

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3297053945854328167

Request Chain 202

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0

Request Chain 204

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_Wmwaw_BcT5I8KgRyqDxe2RaQmXAjOvdw

Request Chain 205

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=1548668815510508082

Request Chain 207

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo

Request Chain 208

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM2NUMwMEItMDZEOC00NTBDLTk3QTctRDc2MzU3OUM4RUZB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=E365C00B-06D8-450C-97A7-D763579C8EFA

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

Request Chain 210

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

Request Chain 212

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

Request Chain 231

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

Request Chain 234

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

Request Chain 239

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=e291e2cdd82a56f2abb3bee7ead582ae

Request Chain 240

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA9NpYltshds9GH4_cp3sQwrjRCciqYop8-6Or8y0wRlw-nR1IsWmalwTlLjx57vnNg&format=gif

Request Chain 241

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6sktT-sMa5AFUyEKEvx7gzI-hl9aHn7AUfA8myDtQxx4joE-tgGAyP2RrR34tgAug&format=gif

Request Chain 242

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
https://g.c.appier.net/ge HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=4EF1mxqYAsWOcWr4V5tdZQ

Request Chain 260

https://genieeintl-d.openx.net/w/1.0/acj?ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1

Request Chain 297

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=1

Request Chain 300

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

Request Chain 305

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=VvgAIFmvAHBN_wR1AvsYd1T-B3dN9AMnBP6LybsX

Request Chain 306

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=702967506440777401

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ5DzVKL3JCduCMwV2EbcxM&google_cver=1

Request Chain 312

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smart/1548668815510508082

Request Chain 314

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3297053945854328167

Request Chain 317

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP9D8EUI-1L-I09C?gdpr=0

Request Chain 321

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/5f8bc02d-698c-4fcd-b085-5e834e2bf308&partner_id=1010

Request Chain 326

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 331

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=3297053945854328167

Request Chain 332

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HsoSrRZHFXBbf0tSRW-6s_OX

Request Chain 334

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700633431776 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8087599572

Request Chain 335

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5133329528937123030

Request Chain 336

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=4bb1a811-f7c3-4156-b1fa-e757932e4c7e

Request Chain 337

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 338

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

Request Chain 339

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUyAg4dOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ssp.disqus.com/match?bidder=14&buyeruid=3297053945854328167&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUyAg4dOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUyAg4dOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ssp.disqus.com/match?bidder=29&buyeruid=QbE74iHUbmzp&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUyAg4dOAI=&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894

Request Chain 340

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

Request Chain 342

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 345

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/a4aa2a3e-7d12-022b-1b7b-d8e15732973e

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFhgZ7_RJTi3Hiw4GPpFuhA&google_cver=1

Request Chain 351

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a6f3623384e84b298af1f53358258fc2 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a6f36233-84e8-4b29-8af1-f53358258fc2

Request Chain 352

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180

Request Chain 353

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=qv9Fm2I0WVN6b--jWnIs9FNMgQ8

Request Chain 354

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 355

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y

Request Chain 357

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

Request Chain 361

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

Request Chain 364

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/702967506440777401

Request Chain 365

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=32faf07e57204138ad918c4d0fbf1d3e HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a6f36233-84e8-4b29-8af1-f53358258fc2

Request Chain 367

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3297053945854328167

Request Chain 368

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=33895d19fb22ca4c37e18eaf6a685fc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1972_7304728642613807053&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzM4OTVkMTlmYjIyY2E0YzM3ZTE4ZWFmNmE2ODVmYw==&gdpr=0&gdpr_consent=

Request Chain 369

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1548668815510508082&gdpr=0&gdpr_consent=

Request Chain 370

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 371

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB

Request Chain 376

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 377

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k?pi=smilewanted&tc=1

Request Chain 381

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTU0ODY2ODgxNTUxMDUwODA4Mg==&gdpr=0&gdpr_consent=

Request Chain 383

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3297053945854328167&gdpr=0&gdpr_consent=

Request Chain 384

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304164972929022106&gdpr=0&gdpr_consent=

Request Chain 390

https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

Request Chain 395

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=3297053945854328167

Request Chain 396

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_21207567-4782-4248-8e72-5f56999f4713&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 397

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=f6dd4cd8-6562-04e3-3a75-0fe0e1de3e0a

Request Chain 398

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-aaff459b-6234-5953-7a6f-efa35a722cf4$ip$83.76.129.15

Request Chain 399

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-0AyVmxxE2pdU3Ly2_Bb7LctniIjeSAX_UBjk~A

Request Chain 400

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=5488124a-7e58-4c4b-8e68-4599c4a8104e

Request Chain 402

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_21207567-4782-4248-8e72-5f56999f4713&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_21207567-4782-4248-8e72-5f56999f4713&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=-PjNz-Iae-kg_QTE_TLp&gdpr=0&us_privacy=1---

Request Chain 403

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=n8pVY6nS5ywY&ev=1&pid=558355

Request Chain 404

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=1548668815510508082

Request Chain 406

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0

Request Chain 407

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E365C00B-06D8-450C-97A7-D763579C8EFA

Request Chain 410

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=702967506440777401&gdpr=0&gdpr_consent=

Request Chain 415

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k&pi=gumgum

Request Chain 416

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 417

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=98b90aac-32e5-03e1-2596-06fa698db5a9

Request Chain 418

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

Request Chain 419

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=E365C00B-06D8-450C-97A7-D763579C8EFA

Request Chain 420

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2553157775425419362823

Request Chain 422

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV2bVdbVAYr6aDF5yOGvpAAA%261180

Request Chain 423

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=ddb45ef80f7270610255a4c21dee08d5

Request Chain 427

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHYtfxCwP1UzhAsCQgT32w&google_cver=1&google_push=AXcoOmRz1PTkh7y1KhY81Zmj2M8dybeB_dF6wUax4ySRm_Acfi66Dlf1No1hz6nEw656Dp3_4SsW2nbaD8ZRKPk0D-PQSa99KSni9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRz1PTkh7y1KhY81Zmj2M8dybeB_dF6wUax4ySRm_Acfi66Dlf1No1hz6nEw656Dp3_4SsW2nbaD8ZRKPk0D-PQSa99KSni9w&google_hm=eS1kRVRrVS54RTJwR1hPT1I1R2l6M204VHI4ek5RSy5VSn5B

Request Chain 428

https://rtb.openx.net/sync/dds?google_gid=CAESEOLdS1DDZk-Pru-cRScLyMg&google_cver=1&google_push=AXcoOmSnN6CK5syJC60296CtTFwvUNoBJ7JK_TM8kPurFEiXvOtidgGNduGWYCQ90aoc5DPYpy9qRE3YqKvlyzGLpQuj7rsviwooOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSnN6CK5syJC60296CtTFwvUNoBJ7JK_TM8kPurFEiXvOtidgGNduGWYCQ90aoc5DPYpy9qRE3YqKvlyzGLpQuj7rsviwooOw&google_hm=3rZilOTxhZu7elO6-pcF9g==

Request Chain 429

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKIadGJtZ70zkvJQMqhh2yw&google_cver=1&google_push=AXcoOmRitxxbON12oSA9KsOd-G7qUA3RLc1qMgUOhlhO_lOw8i5sLroyeWnz3m51n6PHNL6CdONbqPU7-Q0EPkpSz5pipODRmw4JBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=42XACwbYRQyXp9djV5yO-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRitxxbON12oSA9KsOd-G7qUA3RLc1qMgUOhlhO_lOw8i5sLroyeWnz3m51n6PHNL6CdONbqPU7-Q0EPkpSz5pipODRmw4JBg

Request Chain 431

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIQhSauT1JWjD9Y7d4-EPT8&google_cver=1&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-tZ2KbWr2PA3nlLZ9ZzXWb7TyBQ HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIQhSauT1JWjD9Y7d4-EPT8&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-tZ2KbWr2PA3nlLZ9ZzXWb7TyBQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-tZ2KbWr2PA3nlLZ9ZzXWb7TyBQ&google_hm=a2R6R2gyQ0lXUU1oUzB6WVRRNEo=

Request Chain 442

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRAwL5ZHMH-CFzR6zRMoeJsWN3iCHDMoyxaH6srW HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=

Request Chain 443

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3297053945854328167&gdpr=0&gdpr_consent=

Request Chain 446

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E365C00B-06D8-450C-97A7-D763579C8EFA&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E365C00B-06D8-450C-97A7-D763579C8EFA&gdpr=0&gdpr_consent=&ct=y

Request Chain 451

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=702967506440777401

Request Chain 452

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E365C00B-06D8-450C-97A7-D763579C8EFA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Wtjyg7dE2uVmt5ZprgiBKWGcnZHqeOw-~A&gdpr=0

Request Chain 454

https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329528937123030

Request Chain 457

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWklFN0t1emNBQUJSRmxXSkZ4QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 462

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent=

469 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html Show response
www.bg3.co/a/ 60 KB
18 KB 2828ms
1796ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5467549f2927706d92858cccfc2d0c9b212fe637fb3e69397c05638e7fda668d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 06:10:23 GMT
etag: "f1be-5H6oZNftXjCr6uq5HrfTEjF56o0"
expires: Wed, 22 Nov 2023 06:11:23 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 429ms
52ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 06:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73200
x-xss-protection: 0
server: sffe
etag: "b209cac081bc437c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 06:10:24 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 424ms
47ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 06:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9651
x-xss-protection: 0
server: sffe
etag: "e5d8e2e1a4e85f74"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 06:10:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 508ms
136ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4ba1498c77c586c04eb50fd235dade8c7054d822c039d6d78e26128dcef37f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30390
x-xss-protection: 0
server: cafe
etag: 295 / 19683 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 432ms
61ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd150b93b60a24d7885b6f965bfd25fbc602373b36f18270e0d8e91abd7fe4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 06:10:24 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 127ms
39ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Nov 2023 11:24:28 GMT
server: cloudflare
age: 6384
etag: W/"655b41ec-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 829f02538fbc0e8d-MXP
expires: Wed, 22 Nov 2023 16:23:59 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 195ms
46ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: 47e9772aade5d92d4b7a1145b1fbe499977b4b49af1725b8f5e3a71f6e8e1425

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
age: 62361
x-cache: HIT
x-client-device: desktop
content-length: 11417
x-ap-device: DESKTOP
last-modified: Tue, 21 Nov 2023 07:59:27 GMT
server: ECAcc (frc/4CF4)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:10:23 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 763 KB
156 KB 669ms
520ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0ee055f6b9a4b67c3ced24bff78af9f0f9ccc7e3ac6e7aa01dd775655288247f

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 07:10:24 GMT
date: Wed, 22 Nov 2023 06:09:17 GMT
content-encoding: br
x-ap-device: DESKTOP
last-modified: Wed, 22 Nov 2023 02:51:42 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
x-client-device: desktop
x-client-geo: CH

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 683 KB
56 KB 136ms
35ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97fc3c5f72f39cbc5fd7a2fc73239291c84622ce10d8453f625d09298a15d0c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NxnGs2r9sR5X3KOzCM6zAQBWkU2QxQCt
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:23 GMT
x-amz-request-id: ABH5HX7T2YN0N580
age: 21652
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 56769
x-amz-id-2: YqQEGJjSMK2clrhYCMdXMV5xGSFOJ2iQ4+Mu5eJ9F739ztmX6sRYriGYGbgVBKigkH3ynbs+8Yg=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:52:26 GMT
server: AmazonS3
x-timer: S1700633424.952017,VS0,VE1
etag: "e11ad614e3cd224ccb276fb7bcc27b9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

437ms
37ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xznhq13gTVyB9I3zfNPZW%2F2%2BG%2B0NBtXY8zyAuf8MBB3kb%2FDglTsJXsq3QIJ8CcqYU2JLRYC3yEwIh953FFG2y6zg0CdxQkNtRkqdwe9PRUBJOlgsGA%2Fi4qrhawaR94sneg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 829f02585c3fbaca-MXP

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/player/mvp/ 331 KB
123 KB 515ms
29ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/mvp/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 6c8d47a6034307bb944699be960a5da5d005fd156cfd230c8ec261707e07d87e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-663
cdn-cachedat: 11/16/2023 07:44:49
cdn-pullzone: 873945
last-modified: Thu, 16 Nov 2023 07:43:37 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 656
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6555c829-52a84"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: b4a48b985aa519d300c636627ac5cd3c
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
588 B 191ms
165ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=CBC87159F15A4F4753E91067D6FC779B&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&t=%E9%9C%87%E6%92%BC%E5%BD%88%EF%BC%81%E5%87%B1%E6%93%98%E6%94%BE%E6%A3%84%E6%9C%89%E7%B7%9A%E9%9B%BB%E8%A6%96%E9%A0%BB%E9%81%93%E4%BB%A3%E7%90%86%E3%80%80%E9%87%8B%E5%87%BA%E6%9D%B1%E6%A3%AE%E7%B7%AF%E4%BE%86%E7%AD%8914%E9%A0%BB%E9%81%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2990&sc_rum_e_e=3005&sc_rum_f_s=0&sc_rum_f_e=2986&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 829f025428530e8d-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl.20231121-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 28ms
28ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Goo1gyH5Mb13alrQ0W6zOWkgXcD8DEn0
content-encoding: br
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: 2DT8Q5S0E2D8RNCZ
age: 12262
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173606
x-amz-id-2: mwihbDPG86wbqTFFkJwlQKv7Co+BELgA78GVz+oz+7VpwZpf7gRpNYseBtFWa2YYmy/p+skRJF4=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 10:24:38 GMT
server: AmazonS3-br
x-timer: S1700633424.093869,VS0,VE0
etag: "e14d5158d1e05939397417dd5bb9b1d9"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 25803

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 409ms
37ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5831219
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-fra-etou8220073-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700633424.490293,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44, 327

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 403ms
32ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 279265
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 66 KB
16 KB 446ms
437ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=07%3A10%3A24.171&lti=deflated&data=%7B%22id%22%3A254%2C%22ii%22%3A%22%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700567542539%2C%22vi%22%3A1700633424167%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html%22%2C%22vpi%22%3A%22%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3458%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2328.6875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 862590347fab62f39bd02b6b175ac384c0b0045089486656132de81983cb0d1d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 412
date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.725
x-fastly-to-nlb-rtt: 69011
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230022-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1700633424.190236,VS0,VE412
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET 9d760613fbac59a120656ff37fc9da74.jpg
static.bg3.co/imgs/202105/ 0
0

GET 14f774b51222abd0adf0a71e5b960dd3.jpg
static.bg3.co/imgs/202105/ 0
0

GET ebc3d97d07cc78182d93c817d9d44fd1.jpg
static.bg3.co/imgs/202105/ 0
0

GET ef4f70a41d4ad8981f05a9a668e3ad54.jpg
static.bg3.co/imgs/202105/ 0
0

GET ea221894a915e092e664fbf51539d1ab.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2d6a5c270e2ba01bce7bad2a89b61fe1.jpg
static.bg3.co/imgs/202106/ 0
0

GET d641dbbeb7f69318becad1982264869b.jpg
static.bg3.co/imgs/202106/ 0
0

GET 151c40057336b8598861552678572c42.jpg
static.bg3.co/imgs/202311/ 0
0

GET 758abca9a8f7e6c3dee5a16c6c263fcb.jpg
static.bg3.co/imgs/202309/ 0
0

GET 69f0ea578a1b9306ccfd61124d96b2d4.jpg
static.bg3.co/imgs/202105/ 0
0

GET 93a75d48e87f68b815c9d399d948b6e3.jpg
static.bg3.co/imgs/202206/ 0
0

GET 8d67a134d154d538844593b48256b968.jpg
static.bg3.co/imgs/202105/ 0
0

GET fdba1cb4b1d4b4634c431e3921ea19bd.jpg
static.bg3.co/imgs/202106/ 0
0

GET 85e193d5c40501f69ef42dc2b641ecf3.jpg
static.bg3.co/imgs/202106/ 0
0

GET 0cc781506b4feff38bf146bd20500edc.jpg
static.bg3.co/imgs/202309/ 0
0

GET 56092894c0aaca72e83d26edfec2817c.gif
static.bg3.co/imgs/202108/ 0
0

GET 9e5a8c52c424a599b31ef18c1fb445b5.jpg
static.bg3.co/imgs/202105/ 0
0

GET 50bea22a260412797f0129837c60f8fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 112e76b4ca35cd3d0f7f4ef5c793fc16.jpg
static.bg3.co/imgs/202309/ 0
0

GET 59a59ab471f5eecb6a158130f0ad3fd1.jpg
static.bg3.co/imgs/202106/ 0
0

GET 82202fcb102554d8854eb648a5f65d35.jpg
static.bg3.co/imgs/202105/ 0
0

GET 63c61e81502ed91b9f434f6ed7bf8bc2.jpg
static.bg3.co/imgs/202106/ 0
0

GET 806d7b8c66f30433d0d7fcc8d8834ea1.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 8 KB
4 KB 666ms
146ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 05:32:45 GMT
age: 347859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "ebb1be4e47c7faed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 05:32:45 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 12 KB
4 KB 759ms
244ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 04:39:45 GMT
age: 437439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "3c281510b2fc8bce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 04:39:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 913ms
303ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700633423831&gcd=11l1l1l1l1&dma=0&cid=1270102663.1700633424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700633424&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&dt=%E9%9C%87%E6%92%BC%E5%BD%88%EF%BC%81%E5%87%B1%E6%93%98%E6%94%BE%E6%A3%84%E6%9C%89%E7%B7%9A%E9%9B%BB%E8%A6%96%E9%A0%BB%E9%81%93%E4%BB%A3%E7%90%86%E3%80%80%E9%87%8B%E5%87%BA%E6%9D%B1%E6%A3%AE%E7%B7%AF%E4%BE%86%E7%AD%8914%E9%A0%BB%E9%81%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3475
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 29ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75531
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:11:33 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
771 B 30ms
30ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1700633424537
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 21 Nov 2024 06:10:24 GMT
date: Wed, 22 Nov 2023 06:10:24 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 8363700
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 32ms
30ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e0520615c91ba524f0ba6daa5113feec9cb2b883fa19313fb9d9eef6a9195bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pAbK3QB8.iEVAbAhXAFJUcnfGivcrN_q
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: 1C3A8CE9T789VGT9
age: 68702
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8019
x-amz-id-2: axM7KRxDWf57n9BJW7P6woRdI32Tdn1r2VXXHAfvUqcWK2wlqcLxQcK497ndlpJOldkWhWq3cEg=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:05:22 GMT
server: AmazonS3
x-timer: S1700633425.697907,VS0,VE0
etag: "931da4ecdce74822f54bfca0e2dc42df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10939

GET
H2 200 distance-from-article.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 118ms
110ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PukvgENl9P8p6Cep_nFjxChkl.Xu4Ung
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: V5J3ADE8RFGZFEBM
age: 68661
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 3JAxA8iBqo8o+ULKoHR9w3WsPkB6mBSBRwLHoNAAuNqiUV2qCw3iUrNhTLq3/e3lRPD+VQ11f0U=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:06:03 GMT
server: AmazonS3
x-timer: S1700633425.755965,VS0,VE0
etag: "3156426a0edaa42aa2bf567f4a5c596f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 167185

GET
H2 200 article-detection.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 116ms
108ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ddt198pxC_yRl_CaGpeDno3_LaTkP5ys
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: T9WDX4W5BNASMWS5
age: 68653
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: +W30AuUfkwSfo1AF0VbeoTJ55GNDrqRPdemr6iAJmdcEXRmN0Kd/+v8siJtvDwi5TCVnDphpjF0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:06:12 GMT
server: AmazonS3
x-timer: S1700633425.755955,VS0,VE0
etag: "36b721518a3b258033d725e6c90d0fd9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 167078

GET
H2 200 feed-card-placeholder.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 117ms
110ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ju9LmLHxGHd2SDosFr2KWDtYMujelG1T
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: TTPMVSZ315PRTH45
age: 68668
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: o8wSPbUPKB0zB2i2rPO3v0aID4x4r8tWetHzBPMLJLAJEZTH42xbfPfcs6FNqozKP2ioOKiJ8PU=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:05:56 GMT
server: AmazonS3
x-timer: S1700633425.755939,VS0,VE0
etag: "9c15de28849e65a17e95bb39ea85ea2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 146125

GET
H2 200 userx.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 106ms
105ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: h2ZFyZmVEll34KKR1rwSyQqtbSF9sBrg
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: T1PW22D174K7RJ7Y
age: 68706
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5396
x-amz-id-2: adoQFtb+JiFly5IYy6xTFxlxqDjpXf4iOezXSXU1dKiTccpswCSY4ct7JBF+FUEJ2T1CRqEthVo=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:05:19 GMT
server: AmazonS3
x-timer: S1700633425.770847,VS0,VE0
etag: "e04922542f64625b1a6e8ed0a5a5d7b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 37179

GET
H2 200 explore-more.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 135ms
133ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70239190370dc8b6eac2cd2352b203507ab0c0ca1aad58a6a3d686b2cdfd08bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sAMIBKLm6jY2OJimoy6TabKnWM3FyFmU
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: NA0WF347421E8ZB8
age: 68667
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: fznur/YGUJlnO+puUqkWTCfXIcYQEV0SGRDXn1MFBTXuBB2e2lkJbWQ8xWtCneal4IUdgPRZ5d4=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:05:58 GMT
server: AmazonS3
x-timer: S1700633425.841259,VS0,VE0
etag: "cbe598f6658248d28d1a1f7ffe8c5bfb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 74985

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 865ms
429ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700633424684%7D&tim=07%3A10%3A24.684&id=2242&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 777ms
342ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700633424715%7D&tim=07%3A10%3A24.716&id=1569&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1164ms
729ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22blockedVideo%22%2C%22type%22%3A1%2C%22eventTime%22%3A1700633424732%7D&tim=07%3A10%3A24.732&id=3965&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1164ms
730ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A10%3A24.775&id=3576&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 630ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.791&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=747&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44545

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 630ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.794&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1081&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44545

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 699ms
697ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.810&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4706&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 699ms
697ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.818&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9842&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 700ms
698ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.825&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2507&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 154ms
154ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:24 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 20
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1700633425.858828,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 56
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 25

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 760ms
758ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.871&type=usage&msg=New_CTA-event-1700633424871&llvl=2&id=42&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-3817639421150153926~~XoCb5VC6S8jm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 761ms
759ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.877&type=usage&msg=New_CTA-event-1700633424877&llvl=2&id=9703&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-3817639421150153926~~XoCb5VC6S8jm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 907ms
905ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.880&type=usage&msg=New_CTA-event-1700633424880&llvl=2&id=7991&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~9192930712548313141~~KKP3VyYwQOQkm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 907ms
906ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.880&type=usage&msg=New_CTA-event-1700633424880&llvl=2&id=1356&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~9192930712548313141~~KKP3VyYwQOQkm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 908ms
906ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.884&type=usage&msg=New_CTA-event-1700633424884&llvl=2&id=7789&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~9192930712548313141~~KKP3VyYwQOQkm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 908ms
907ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.884&type=usage&msg=New_CTA-event-1700633424884&llvl=2&id=1770&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~9192930712548313141~~KKP3VyYwQOQkm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 1004ms
1003ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.886&type=usage&msg=New_CTA-event-1700633424886&llvl=2&id=7633&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-3817639421150153926~~XoCb5VC6S8jm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 1004ms
1003ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A24.886&type=usage&msg=New_CTA-event-1700633424886&llvl=2&id=4941&cv=20231121-7-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-3817639421150153926~~XoCb5VC6S8jm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44346

GET
H2 200 1884056dac9af304595355348ba8b2a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_615%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 66 KB
67 KB 1101ms
1099ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_615%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dcd7687b11b9da481c12a742250f2dd1371189bd1630ccdd9771e5202814e38c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 389
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_615%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
age: 296862
edge-cache-tag: 492496024810385513339299449246031022522,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492496024810385513339299449246031022522,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time: 271
req-referer: https://www.bg3.co/
content-length: 67862
x-request-id: 614f3fbd1932f7501827bd2873ff7565
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200170-IAD, cache-iad-kjyo7100093-IAD, cache-chi-kigq8000178-CHI, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230022-FRA
last-modified: Tue, 10 Oct 2023 23:01:23 GMT
server: nginx
surrogate-reporting: width=613,height=460,bytes=55345,owidth=615,oheight=460,obytes=65053
x-timer: S1700633425.920535,VS0,VE389
etag: "50982506d9782bc1c71da08545a2d9cb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 0

GET
H2 200 1884056dac9af304595355348ba8b2a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 52 KB
53 KB 284ms
282ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b53ab7bcf5415502690d87673b9f05818f924a52ee039f75bd1247f1a79edcd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
age: 4251040
edge-cache-tag: 492496024810385513339299449246031022522,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492496024810385513339299449246031022522,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 274
expiration: expiry-date="Wed, 18 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.walla.co.il/item/3562017
content-length: 53058
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100089-IAD, cache-iad-kjyo7100078-IAD, cache-lga21959-LGA, cache-iad-kjyo7100143-IAD, cache-fra-eddf8230022-FRA
last-modified: Sun, 17 Sep 2023 03:44:38 GMT
server: nginx
surrogate-reporting: width=615,height=307,bytes=38713,owidth=615,oheight=460,obytes=65053
x-timer: S1700633425.920550,VS0,VE1
etag: "0d03842d502a02c70c3f80d26e8b430e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6, 1, 1, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 180ms
178ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e03662baae2a170203c136b546c40cd0503823becb15ab80629e544af9efe19

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:24 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 6392419
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 121
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 18500
x-backend-name: LA_nlb204
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100114-IAD, cache-sna10745-LGB, cache-iad-kcgs7200024-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1700633425.920541,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 41, 0, 202, 1

GET
H2 200 508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 31 KB
32 KB 197ms
196ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c777aca8bb0307ff86eaeac0f46764584f36142bb0349812c2a6f6911a96c85

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
age: 2856449
edge-cache-tag: 474347373310288117235187354632300648067,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474347373310288117235187354632300648067,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 265
expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://bestenrezepte.com/
content-length: 32044
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kiad7000050-IAD, cache-iad-kcgs7200126-IAD, cache-fra-eddf8230022-FRA
last-modified: Wed, 23 Aug 2023 08:11:09 GMT
server: nginx
surrogate-reporting: width=460,height=256,owidth=2136,oheight=1200,obytes=368539
x-timer: S1700633425.188455,VS0,VE1
etag: "9fb228b97a12c828210b0efb18591b40"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 3, 1

GET
H2 200 338c3d679c16b336e5cb22d655e4e962.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 703ms
702ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/338c3d679c16b336e5cb22d655e4e962.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 396f8ed1f8dba40b14d8e7184a75e06232d67923320aa4af686fb3bdac61c447

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/338c3d679c16b336e5cb22d655e4e962.jpg
age: 1314447
edge-cache-tag: 447905853338010144569806589993284148684,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447905853338010144569806589993284148684,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 130
req-referer: https://guppynews.com/
content-length: 21208
x-request-id: ebfc323d2aeb31d5d82334107d6298d6
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100059-IAD, cache-iad-kcgs7200048-IAD, cache-lga21952-LGA, cache-iad-kiad7000073-IAD, cache-fra-eddf8230022-FRA
last-modified: Sun, 05 Nov 2023 19:42:47 GMT
server: nginx
surrogate-reporting: width=920,height=460,bytes=47233,owidth=2500,oheight=3333,obytes=870569
x-timer: S1700633425.314686,VS0,VE2
etag: "770871969dcccaa8fe7011da9fba3133"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 ffe12df785f8f12c018b17b674a2d852.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
39 KB 641ms
641ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffe12df785f8f12c018b17b674a2d852.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 66b53a436e28d7f8930970678e592ae7c8734129be048f15cbe7884aac6f2430

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffe12df785f8f12c018b17b674a2d852.jpg
age: 4188104
edge-cache-tag: 503896856038235911952859248634097590582,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503896856038235911952859248634097590582,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 101
expiration: expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 38916
x-backend-name: US_nlb101
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kiad7000049-IAD, cache-iad-kiad7000173-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 17 Aug 2023 08:47:58 GMT
server: nginx
x-timer: S1700633425.375837,VS0,VE1
etag: "dd15537429d6d68c1a74167bd5de84e9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 1

GET
H2 200 4535584a6310b706982a769ee8f82f2a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 551ms
551ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4535584a6310b706982a769ee8f82f2a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 452daf533035f8bf0f5bb5a0b22c087ec0240e885ee35f850b6b8af088b36828

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4535584a6310b706982a769ee8f82f2a.jpg
age: 2421082
edge-cache-tag: 353109636318217298454175887239420569314,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 353109636318217298454175887239420569314,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 166
expiration: expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://meine-gesundheit.net/
content-length: 15694
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kiad7000062-IAD, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230022-FRA
last-modified: Wed, 16 Aug 2023 00:26:49 GMT
server: nginx
x-timer: S1700633425.468810,VS0,VE1
etag: "84d3cabd3204a43144178c61f3407d46"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET
H2 200 1884056dac9af304595355348ba8b2a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 667ms
666ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9242c6b0bdf911d643ee13ad9b1a3730528a29e38ad4a05afdfd0bf1e3fc1ed1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1884056dac9af304595355348ba8b2a5.jpg
age: 4311428
edge-cache-tag: 492496024810385513339299449246031022522,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492496024810385513339299449246031022522,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 328
expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 58286
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100069-IAD, cache-iad-kjyo7100069-IAD, cache-sna10742-LGB, cache-iad-kjyo7100120-IAD, cache-fra-eddf8230022-FRA
last-modified: Wed, 23 Aug 2023 12:37:46 GMT
server: nginx
surrogate-reporting: width=615,height=341,owidth=615,oheight=460,obytes=65053
x-timer: S1700633425.468914,VS0,VE1
etag: "019224b829cc544f2a77564b1e355909"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 19, 1, 0, 1

GET
H2 200 338c3d679c16b336e5cb22d655e4e962.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 513ms
513ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/338c3d679c16b336e5cb22d655e4e962.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e6a1a72f34d77313059e288d1d37b2e331bab3ca3022d73c8b945bde2aaf37f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:25 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/338c3d679c16b336e5cb22d655e4e962.jpg
age: 1997932
edge-cache-tag: 447905853338010144569806589993284148684,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447905853338010144569806589993284148684,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 81
expiration: expiry-date="Sun, 05 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.knothouseyarns.com/
content-length: 23128
x-backend-name: US_nlb106
x-served-by: cache-iad-kiad7000155-IAD, cache-iad-kcgs7200057-IAD, cache-lga21971-LGA, cache-iad-kiad7000097-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 05 Oct 2023 11:30:07 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=51680,owidth=2500,oheight=3333,obytes=870569
x-timer: S1700633426.625628,VS0,VE1
etag: "b10794e5f2df6ffb6dcf4e45814f3708"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 0, 10, 1

GET
H2 200 eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
42 KB 397ms
384ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age: 4752061
edge-cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 230
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 42778
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21975-LGA, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 18 Aug 2023 15:33:27 GMT
server: nginx
x-timer: S1700633426.024101,VS0,VE1
etag: "0a2c75440724365af393e298015be867"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 4277, 1

GET
H2 200 508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 91 KB
92 KB 389ms
385ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e7badb000580b0f1efd84b2157c55d440a759700c598b775ae94428a936f1379

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Nov 2023 06:10:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/508d251e-5c1b-4195-b97a-8ee6322f6f7c__kb0mxv5B.jpg
age: 4134284
edge-cache-tag: 474347373310288117235187354632300648067,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 474347373310288117235187354632300648067,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 249
expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.9tv.co.il/
content-length: 93076
x-backend-name: US_nlb104
x-served-by: cache-iad-kcgs7200054-IAD, cache-iad-kiad7000148-IAD, cache-iad-kcgs7200175-IAD, cache-fra-eddf8230022-FRA
last-modified: Wed, 23 Aug 2023 01:55:24 GMT
server: nginx
x-timer: S1700633426.032682,VS0,VE1
etag: "f0ec991d795da1312d1e127bee51cee8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 13, 1

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 54ms
53ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 30808
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220073-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700633425.948802,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 4837

GET
H2 404 Q0hfREVTS1RPUA==.json Show response
cdn.adpushup.com/fpe/42753/MAN_Data/ 555 B
222 B 436ms
435ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 07:10:25 GMT
date: Wed, 22 Nov 2023 06:09:18 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
x-client-device: desktop
x-client-geo: CH

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1015ms
1013ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1147%7D%22%2C%22eventTime%22%3A1700633424954%7D&tim=07%3A10%3A24.955&id=8171&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
614 B 88ms
87ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12383
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LjVHo8je62U8%2FlrahXg8Gi6HqRod1LD7hP5A0%2F1VWIs0Ua3ITFCPl8EhcsBbhU7khYds6Zh04OeHCX4OBRQDvGvva3HCW2JVaNu1oUqW8yg5M80DVJ1eVUqXukcWPpbaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 829f025a1d5fbaca-MXP

GET idRequest
sync.aralego.com/ 0
0

GET ad_request
ads.aralego.com/ 0
0

GET
H/1.1 200
OK playerConfig Show response
socket.unibots.in/website/ 4 KB
4 KB 1066ms
460ms XHR
application/json 139.144.5.218
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-144-5-218.ip.linodeusercontent.com
Software: / Express
Resource Hash: 6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 06:10:25 GMT
keep-alive: timeout=5
x-powered-by: Express
content-length: 3737
etag: W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type: application/json; charset=utf-8

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1230ms
1229ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22299%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A10%3A25.011&id=7790&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 851ms
849ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A10%3A25.023&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7795&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45973

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 979ms
391ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-145-251.compute-1.amazonaws.com

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 06:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 05:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 06:10:25 GMT

GET
H2 200 spa-detector.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 271ms
270ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 997e552a135d9776335b91483926c7d397a4725edc685b3eb832ec2e2160f2e4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dhaD6whcUcEKjGvpR_CYlGNQSo5hul8Q
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:25 GMT
x-amz-request-id: EXTDGHN8N8QS04GE
age: 68690
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: hAF8D9+TqXFldOTyMVssxcZM/upLjDrrzUjeTFvSVG708ERrPPZFMj+xQ6DcaHf15l29bFhzhTU=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 21 Nov 2023 11:05:36 GMT
server: AmazonS3
x-timer: S1700633425.049246,VS0,VE0
etag: "ce4d50b6753e10ad08a2572e009891bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 76889

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1137ms
1136ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A10%3A25.025&id=4304&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1015ms
1013ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700633425027%7D&tim=07%3A10%3A25.027&id=3643&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1230ms
1229ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A10%3A25.029&id=8711&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 1015ms
1014ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=10638&tvi50=9058&lti=deflated&ri=5c9b55bd9747ed866f0a8d06751a65d4&sd=v2_c42c1e648c5f3b5ec3c5e20640292df0_28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0_1700633424_1700633424_CNawjgYQ2YJdGKfimq2_MSABKAEwKziy0A1AzogQSMOz3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=28f2ca9f-4612-44b7-9339-6687d15d2d39-tuctc5720d0&pi=/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&wi=5365496803925773046&pt=text&vi=1700633424167&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700633425031%7D&tim=07%3A10%3A25.031&id=5886&llvl=2&cv=20231121-7-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pb.42753.1698934930219.js Show response
cdn.adpushup.com/prebid/ 437 KB
127 KB 58ms
57ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8E) /
Resource Hash: 6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 22 Nov 2023 06:10:25 GMT
content-encoding: br
age: 1631891
x-cache: HIT
x-client-device: desktop
content-length: 130160
last-modified: Thu, 02 Nov 2023 14:21:48 GMT
server: ECAcc (frc/4C8E)
etag: W/"6543b07c-6d3da"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 06:10:25 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
310 B 779ms
779ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 22 Nov 2023 06:10:25 GMT
content-encoding: br
age: 6807244
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (frc/4CD4)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 06:10:25 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1279ms
294ms Fetch
application/json 3.233.145.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 778ms
777ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D07) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Wed, 22 Nov 2023 06:10:25 GMT
content-encoding: br
age: 5920041
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (frc/4D07)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 06:10:25 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 1142ms
673ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2MzM0MjUzNjEsInBhY2tldElkIjoiMDAwMEE3MDEtMjhhOTU4NmEtMWNjMy00Nzg0LWIwYTUtODBhZDMxYjdkNjQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW4taGFuLWRhbi1rYWktYm8tZmFuZy1xaS15b3UteGlhbi1kaWFuLXNoaS1waW4tZGFvLWRhaS1saS1zaGktY2h1LWRvbmctc2VuLXdlaS1sYWktZGVuZy0xNHBpbi1kYW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4384.700004577637
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 773ms
389ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 632ms
551ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MzM0MjU0ODksInBhY2tldElkIjoiMDAwMEE3MDEtMjhhOTU4NmEtMWNjMy00Nzg0LWIwYTUtODBhZDMxYjdkNjQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW4taGFuLWRhbi1rYWktYm8tZmFuZy1xaS15b3UteGlhbi1kaWFuLXNoaS1waW4tZGFvLWRhaS1saS1zaGktY2h1LWRvbmctc2VuLXdlaS1sYWktZGVuZy0xNHBpbi1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4512.300003051758
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 629ms
549ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MzM0MjU0OTYsInBhY2tldElkIjoiMDAwMEE3MDEtMjhhOTU4NmEtMWNjMy00Nzg0LWIwYTUtODBhZDMxYjdkNjQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW4taGFuLWRhbi1rYWktYm8tZmFuZy1xaS15b3UteGlhbi1kaWFuLXNoaS1waW4tZGFvLWRhaS1saS1zaGktY2h1LWRvbmctc2VuLXdlaS1sYWktZGVuZy0xNHBpbi1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4519
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 613ms
550ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2MzM0MjU1MDAsInBhY2tldElkIjoiMDAwMEE3MDEtMjhhOTU4NmEtMWNjMy00Nzg0LWIwYTUtODBhZDMxYjdkNjQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW4taGFuLWRhbi1rYWktYm8tZmFuZy1xaS15b3UteGlhbi1kaWFuLXNoaS1waW4tZGFvLWRhaS1saS1zaGktY2h1LWRvbmctc2VuLXdlaS1sYWktZGVuZy0xNHBpbi1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4522.800003051758
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
17 KB 474ms
474ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3429043413468683&correlator=868092580904770&eid=31079658%2C31079525%2C31079576%2C21065724&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700633425513&lmt=1700633425&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1270102663.1700633424&ga_sid=1700633426&ga_hid=1446514085&ga_fc=true&dlt=1700633423808&idt=747&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_22_1_pv%26cluster_reporting%3Dchrome_DESKTOP_22_1_active_1_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_4%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_4%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68bc6333c874c6522e7157d1a0af2362db2e01aebc05d6d13868a5cf076667b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16622
x-xss-protection: 0
google-lineitem-id: 6393702623
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138449155128
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 821C 6 KB
3 KB 1230ms
433ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 06:10:26 GMT
expires: Thu, 21 Nov 2024 06:10:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 39 KB
14 KB 100ms
100ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-18-66-97-120.fra56.r.cloudfront.net

Software

cafe /

Resource Hash

c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33606
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 13319621592303420164
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 20:50:19 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 717ms
714ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2MzM0MjU0ODksInBhY2tldElkIjoiMDAwMEE3MDEtMjhhOTU4NmEtMWNjMy00Nzg0LWIwYTUtODBhZDMxYjdkNjQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZW4taGFuLWRhbi1rYWktYm8tZmFuZy1xaS15b3UteGlhbi1kaWFuLXNoaS1waW4tZGFvLWRhaS1saS1zaGktY2h1LWRvbmctc2VuLXdlaS1sYWktZGVuZy0xNHBpbi1kYW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4547.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
304 B 813ms
813ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&tvi48=10638&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 81
date: Wed, 22 Nov 2023 06:10:26 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 68903
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
server: nginx
x-timer: S1700633426.015430,VS0,VE81
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F640
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
555 B

300ms
102ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 06:10:26 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Nov 2023 06:10:26 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET idsync
sync.aralego.com/ 0
0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
768 B 659ms
659ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 22 Nov 2023 06:10:26 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 14560
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1700633426.034581,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4210

GET
H2 200 socket.io.min.js Show response
cdn.socket.io/4.5.4/ 43 KB
13 KB 517ms
164ms Script
application/javascript 18.66.97.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.socket.io/4.5.4/socket.io.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 16:47:17 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: FRA56-P2
age: 2240196
x-cache: Hit from cloudfront
content-disposition: inline; filename="socket.io.min.js"
server: Vercel
x-vercel-id: fra1::58txd-1698598036852-d74a80e9fa02
etag: W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: zYPoAy6qZstbP8oNm-gU1RFjN87zisR7-7QlqlfDtel_1jyuHtaQaw==

GET
H2 200 prebid.js Show response
cdn.unibotscdn.com/player/prebid/ 502 KB
161 KB 71ms
69ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-677
cdn-cachedat: 11/21/2023 11:20:02
cdn-pullzone: 873945
last-modified: Tue, 21 Nov 2023 11:19:52 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 645
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"655c9258-7d8ab"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 46d4c8a594c8a1b323164382a5720960
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 937ms
376ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 29 Nov 2023 06:10:26 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 753ms
177ms XHR
application/json 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231122

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f1048bf97e0daf6b9eba804c11f6d2ee6736726c3b8a5c4c3c42063383cf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7772
x-jsd-version: 1.0.1881
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230069-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"643-7vZcYomrQmvX1we42OIbnEkre24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCSjZbfovduDPBhaGgc2WCHD9bP4nStadM0r7wDkUqI8RNJncxqCiOUBe024lHmskyK29OhzmoruF8GoHho2QtiitlEVg9lejzKOZxPTQX%2FZk0ValdN5piENr%2FQFASfeEGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f02658c6223c7-ZRH

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 22 B
359 B 825ms
280ms XHR
application/json 3.121.101.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c494c464e58dd68616088b5b8b4d48bf1bb1a8838ee6c80f10e36093706a50a4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 22 Nov 2023 06:10:26 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 47

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 624ms
359ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 829f026398180e62-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 710ms
445ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 829f026398190e62-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 17 KB
9 KB 818ms
393ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-210-49-96.eu-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

b2c093930b985b36e990546157584a2e6293a81fd5ae89d2656f68381b8b1334

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
an-x-request-uuid: a78e5dba-30bd-4950-aa49-02571efe0723
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
518 B 1348ms
905ms XHR
application/json 52.210.49.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.49.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 763
content-length: 3
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 2 KB
1017 B 808ms
280ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16a493b470a8669598cabc6e554b27b56a09401374fec2392e1dcb25b05dccd5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 447
expires: Wed, 22 Nov 2023 06:10:27 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 11 KB
5 KB 698ms
444ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770406fdbeddcb6598330e26346b5a865bdf0d22722c09201ad4f3bc8498ca3d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0y14lz9Kw8tXkZ%2B%2B3kOnLffI%2FWYr8ng2UE%2FwsAvjP%2BInVMRs8onrbd2FNZAj4dUihBf4BO4ky0D%2Fyyxh5C7FPCae3x5pZM%2FHe1V6NPIijzmzNZXnltHpHqAW2sbBINY11NK1HnY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829f0263a85f01e3-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 5 KB
4 KB 520ms
266ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cb0e270eaefc876b3b7f64b73831fd3516c3565461701152372e7fdfef2a7c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuBWeFoSubS0OG7wFYRqV3UbnCMmNp0M30JFo%2Fz1LlICHeMU9CjuR0dExYrNanalizuCeIQPZ%2BqvSbN5cl2gE7wpam0h2w7mxhod%2FIGLERgTDPce0Eef5V8y1Z1ecWQ%2BZ2hGQOyw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829f0263a86d01e3-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 944ms
690ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7952c6fe88ffec93f170bd3c4f7745138cc808d814d84e4fb4b930eeeee940a3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Upa7G25TZAZVb7nhMXQsJ0P0d24ZFhPKFSuLLAMAG%2Bc9ze6u55%2B3uq8Y4p2IRNuMf%2Fo61KdIM8K2P45ZmHOanqVLsYZtIE%2FW%2BMTXuW0sJteATW1OXOElnup5ABIAgtsW5cDmpZD8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829f0263a86301e3-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 12 KB
7 KB 612ms
353ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d32ecd228a433e3fb5e97d6e4eea0829b77d9be7878d7e76414d536ee0250fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 7023
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 814ms
246ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=4418956368&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 22 Nov 2023 06:10:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 699ms
288ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: c49566bd124d716b5a4943dcc270dcd4b94b255d693fb73d6af829b0d68ebbd3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 06:10:26 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
229 B 695ms
440ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8e9425f3fb361593c746b05e89092fe3f1ad24b058758b246ba7b6d65870cb9d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
229 B 937ms
682ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8e9425f3fb361593c746b05e89092fe3f1ad24b058758b246ba7b6d65870cb9d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
255 B 605ms
352ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a2a464e079f44aaee531b8df228190b3b4b6e215bc8857286d5033144cddd516

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 adreq Show response
ads.servenobid.com/ 592 B
659 B 797ms
281ms XHR
application/json 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7192
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 847285cdc5c916e952ff0758224f3681e24abea04fa89b21a103d3ebeda0af13

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
465 B 692ms
283ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e0c4d0d04296ab4442c0f917460ce36afd461990477b1209761d5256d2ffc9e2

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.3.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 172
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 507 B
1 KB 1327ms
517ms XHR
application/json 213.19.162.44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=18379837-47df-4402-b1a6-15a53958a4c7%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%9C%87%E6%92%BC%E5%BD%88%EF%BC%81%E5%87%B1%E6%93%98%E6%94%BE%E6%A3%84%E6%9C%89%E7%B7%9A%E9%9B%BB%E8%A6%96%E9%A0%BB%E9%81%93%E4%BB%A3%E7%90%86%E9%87%8B%E5%87%BA%E6%9D%B1%E6%A3%AE%E7%B7%AF%E4%BE%86%E7%AD%8914%E9%A0%BB%E9%81%93&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=44b64af5-02ec-43e0-aeb0-3e9182bf7539%3B8b5ae87c-0d4e-4786-9c51-e8240ad508b4&l_pb_bid_id=589fe4dc80f9c7d%3B59b45254c299873&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=44b64af5-02ec-43e0-aeb0-3e9182bf7539%3B8b5ae87c-0d4e-4786-9c51-e8240ad508b4&rp_maxbids=1&slots=2&rand=0.9031432024289647
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.44 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5f29e2b27b7769474977d811f729940101b072ef6721663c0a58b10f50aa70d1

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
700 B 598ms
195ms XHR
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:26 GMT
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
351 B 598ms
188ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 22 Nov 2023 06:10:26 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ Frame 67A0 4 KB
767 B 166ms
166ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 06:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 04:17:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 06:10:26 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 67A0 21 KB
9 KB 764ms
196ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 200 a1551001.js Show response
js.genieessp.com/t/551/001/ Frame E08F 9 KB
4 KB 1579ms
725ms Script
application/javascript 133.186.12.16
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/551/001/a1551001.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p016.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 08:10:59 GMT
server: nginx
etag: W/"65016e93-2598"
content-type: application/javascript
cache-control: max-age=900, private
cross-origin-resource-policy: cross-origin
expires: Wed, 22 Nov 2023 06:25:27 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E08F 202 KB
64 KB 850ms
357ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:27 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 159ms
158ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:26 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 864
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1700633427.659110,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 54
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 5332

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 158ms
157ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Nov 2023 06:10:26 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 18468
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1700633427.659116,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 20017

GET
H2 200 / Show response
pips.taboola.com/ 4 B
181 B 678ms
160ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230123-FRA
date: Wed, 22 Nov 2023 06:10:27 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F640 46 KB
13 KB 130ms
129ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:36:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62735
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 22 Nov 2023 23:36:02 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F640 7 B
778 B 381ms
100ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 115 B
271 B 308ms
97ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 0308cb1ba4c4e8009e46a9e137fefc6641fae3fa4a1ad56cebace79d4d361f99

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 06:10:27 GMT
Content-Length: 115
Content-Type: application/json; charset=utf-8

GET
H2 404 L2Evemhlbi1oYW4tZGFuLWthaS1iby1mYW5nLXFpLXlvdS14aWFuLWRpYW4tc2hpLXBpbi1kYW8tZGFpLWxpLXNoaS1jaHUtZG9uZy1zZW4td2VpLWxhaS1kZW5nLTE0cGluLWRhby5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
227 B 416ms
416ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2Evemhlbi1oYW4tZGFuLWthaS1iby1mYW5nLXFpLXlvdS14aWFuLWRpYW4tc2hpLXBpbi1kYW8tZGFpLWxpLXNoaS1jaHUtZG9uZy1zZW4td2VpLWxhaS1kZW5nLTE0cGluLWRhby5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 21 Nov 2024 06:10:27 GMT
date: Wed, 22 Nov 2023 06:09:20 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
643 B 741ms
193ms Script
application/javascript 18.66.97.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:09:33 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 54
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 2DNV5u0AH6DLsbjUwzy4ZuuG0qNMdCwTXx_ULxzX_Zb_B9CKK6aeKw==

GET /
cds.taboola.com/ 0
0

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 47ms
45ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96aGVuLWhhbi1kYW4ta2FpLWJvLWZhbmctcWkteW91LXhpYW4tZGlhbi1zaGktcGluLWRhby1kYWktbGktc2hpLWNodS1kb25nLXNlbi13ZWktbGFpLWRlbmctMTRwaW4tZGFvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0yOGE5NTg2YS0xY2MzLTQ3ODQtYjBhNS04MGFkMzFiN2Q2NDkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiOThlOGRkZWQtMWEyMS00YzQwLWE2NzgtMjZlZTI1NzRlM2MxIiwidGltZU9mQXVjdGlvbiI6MTcwMDYzMzQyNjIxMCwiYmlkcyI6W3siY3BtIjowLjA3LCJhZElkIjoiNzUzZmI3MDY4ZjU2MDZkIiwib3JpZ2luYWxDcG0iOjAuMDcsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNzAwMDAwMDAwMDAwMDAwMSwiZm9ybWF0VHlwZSI6InZpZGVvIiwicmVzcG9uc2VUaW1lIjo2MjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjMzNDI2ODU2fSx7ImNwbSI6MC4wNDQ0MDgzNTMyNzUsImFkSWQiOiI3NmY2ODA2NzI2OWI5NGYiLCJvcmlnaW5hbENwbSI6MC4wNDQ0MDgzNTMyNzUsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMDQ0NDA4MzUzMjc1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo3MDMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjMzNDI2OTQ0fSx7ImNwbSI6MC4wMTY5MjUsImFkSWQiOiI4MzI0YjdkZWI2MGU1M2UiLCJvcmlnaW5hbENwbSI6MC4wMTY5MjUsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMTY5MjQ5OTk5OTk5OTk5OTgsImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjgyNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA2MzM0MjcwNTN9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1M2ZiNzA2OGY1NjA2ZCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwNzAwMDAwMDAwMDAwMDAwMX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiOThlOGRkZWQtMWEyMS00YzQwLWE2NzgtMjZlZTI1NzRlM2MxIiwidGltZU9mQXVjdGlvbiI6MTcwMDYzMzQyNjIxMCwiYmlkcyI6W3siY3BtIjowLjI2MDk1MjI3MTIwMDAwMDAzLCJhZElkIjoiNzc0OGU0YzMwM2E3OGMxIiwib3JpZ2luYWxDcG0iOjAuMjYwOTUyMjcxMjAwMDAwMDMsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMjYwOTUyMjcxMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzA0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDYzMzQyNjk0NX0seyJjcG0iOjAuMDYsImFkSWQiOiI3ODlhODBhZTQ5YzhhYTkiLCJvcmlnaW5hbENwbSI6MC4wNiwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODA4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDYzMzQyNzA0M30seyJjcG0iOjAuMSwiYWRJZCI6Ijc5NjA0NjE1NjQ0NDIyNyIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4MTIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjMzNDI3MDQ1fSx7ImNwbSI6MC4xLCJhZElkIjoiODA2MzI1ZDUzM2M2MjZjIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgxMywidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA2MzM0MjcwNDZ9LHsiY3BtIjowLjEsImFkSWQiOiI4MTU1YTMwNmFkODE4ZWEiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODEzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDYzMzQyNzA0Nn0seyJjcG0iOjAuMSwiYWRJZCI6IjgyMmExM2NlMzkyYTBkZSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4MTQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNjMzNDI3MDQ3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im9uZXRhZyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzc0OGU0YzMwM2E3OGMxIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDI2MDk1MjI3MTJ9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=6614.300003051758
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:27 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET

idsync
sync.aralego.com/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP9D8EUI-1L-I09C
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP9D8EUI-1L-I09C

0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
22 KB 528ms
527ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3429043413468683&correlator=4155395939977566&eid=31079658%2C31079525%2C31079576%2C21065724&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D090876fc34927768%3AT%3D1700633425%3ART%3D1700633425%3AS%3DALNI_Mb2yLNxJioLWq63Lkpa_EczR6DGKw&gpic=UID%3D00000cd6c4b91d7f%3AT%3D1700633425%3ART%3D1700633425%3AS%3DALNI_Mbq-3OBi5tIw0vkn52GLpIUh1LjBg&arp=1&abxe=1&dt=1700633427620&lmt=1700633427&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&psts=AOrYGsn3ZcynM-zlz8PkuwsVky8cbc7SB7DS32TmQSbP39dv1EmvteveUwpC3vfp6V25yc5gmDUAf1sim8N7y5CaH6I&ga_vid=1270102663.1700633424&ga_sid=1700633426&ga_hid=1446514085&ga_fc=true&dlt=1700633423808&idt=747&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_22_1%26cluster_reporting%3Dchrome_DESKTOP_22_1_active_1%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.26%26hb_ap_adid%3D7748e4c303a78c1%26hb_ap_bidder%3Donetag%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_22_1%26cluster_reporting%3Dchrome_DESKTOP_22_1_active_1%26ap_refresh_type%3DAV_3%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.07%26hb_ap_adid%3D753fb7068f5606d%26hb_ap_bidder%3Dix%26hb_cache_host_ix%3Dprebid.adnxs.com%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A8324b7deb60e53e%26hb_native_image_appn%3Dhb_native_image%253A8324b7deb60e53e%26hb_native_body_appne%3Dhb_native_body%253A8324b7deb60e53e%26hb_native_title_appn%3Dhb_native_title%253A8324b7deb60e53e%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_4%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_4%26faid%3Dfalse%26adro%3Dv8_c&adks=1420297610%2C2825066673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d39b57b7568b702187fcf57ea8a7d9931ec2a261c296af849cba8a22b60d39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22080
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg3.co_1695642730139.js Show response
cdn.unibotscdn.com/clientdata/js/ 667 B
848 B 68ms
68ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-662
cdn-cachedat: 09/26/2023 10:16:02
cdn-pullzone: 873945
last-modified: Tue, 26 Sep 2023 10:14:53 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6512af1d-29b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 52e9f18aa20ae1b7e582db648c1666b8
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 134ms
133ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-662
cdn-cachedat: 10/31/2023 18:50:59
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f9970d7a813450775a3851085840beda
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 137ms
135ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-167
cdn-cachedat: 10/31/2023 19:01:06
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ba45678d7f1e34b211d9f03f9450f8e9
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 137ms
136ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-677
cdn-cachedat: 11/10/2023 21:11:01
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: e51900e01a49077ae332560eff2b01a0
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 440 B
976 B 136ms
135ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-382
cdn-cachedat: 11/05/2023 20:42:32
cdn-pullzone: 873945
last-modified: Sun, 05 Nov 2023 20:34:22 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 374
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6547fc4e-1b8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: aa3cc9242bdfb655d6026424fd194179
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 5 KB
2 KB 134ms
134ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-677
cdn-cachedat: 11/05/2023 14:34:02
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 05:21:29 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e83a59-1333"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ea658a069dd86a415063b494906af752
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 95ms
81ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Wed, 22 Nov 2023 06:10:27 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F640
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA5RDhFVUktMUwtSTA5Qw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMScRCAzToNtiYw69mRovwM&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5RDhFVUktMUwtSTA5Qw==&google_push=

170 B
232 B

268ms
266ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5RDhFVUktMUwtSTA5Qw==&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5RDhFVUktMUwtSTA5Qw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F640
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rYeBgTo4R5WswIqRB614iA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rYeBgTo4R5WswIqRB614iA

43 B
479 B

101ms
100ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rYeBgTo4R5WswIqRB614iA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HW1Q357S3KJ6XKJ6DF46
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rYeBgTo4R5WswIqRB614iA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F640
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9D8EUI-1L-I09C

0
648 B

758ms
234ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9D8EUI-1L-I09C
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 48E6FEAACBAA4F789A20E96A5AB67705 Ref B: GVA30EDGE0111 Ref C: 2023-11-22T06:10:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKt5NlLmA4ah6goTM9Pw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9D8EUI-1L-I09C
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F640
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/rhOTwwI2SUZvDsEKlRmQ6sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ues.dPFE2oKPGbTUbCs0Cu5lgdF5h2Ssv0vz2w--~A

42 B
691 B

71ms
69ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ues.dPFE2oKPGbTUbCs0Cu5lgdF5h2Ssv0vz2w--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ues.dPFE2oKPGbTUbCs0Cu5lgdF5h2Ssv0vz2w--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LP9D8EUI-1L-I09C&ex=d-rubiconproject.com&status=ok

43 B
479 B

474ms
151ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LP9D8EUI-1L-I09C&ex=d-rubiconproject.com&status=ok

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 55Z0ZNAT7QJPNZXPVKRS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LP9D8EUI-1L-I09C&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F640 70 B
149 B 429ms
179ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F640
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIHzB8oThY6rLiHZSgmUG7A&google_cver=1

42 B
691 B

84ms
83ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIHzB8oThY6rLiHZSgmUG7A&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIHzB8oThY6rLiHZSgmUG7A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F640
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlZDM0NTRlODE3NmI3YjYwZjFiMTY0MWVhOWM0NTFjZjBjYWI0Ng

170 B
243 B

405ms
404ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlZDM0NTRlODE3NmI3YjYwZjFiMTY0MWVhOWM0NTFjZjBjYWI0Ng

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlZDM0NTRlODE3NmI3YjYwZjFiMTY0MWVhOWM0NTFjZjBjYWI0Ng
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F640
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zXXHjlfyQeCt92Q8OwKOtw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zXXHjlfyQeCt92Q8OwKOtw

43 B
479 B

167ms
165ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zXXHjlfyQeCt92Q8OwKOtw

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TGAMESJN4M4F13P2TR71
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zXXHjlfyQeCt92Q8OwKOtw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F640
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADZIE7KuzcAABRFlWJFxA&expires=30

42 B
691 B

71ms
69ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADZIE7KuzcAABRFlWJFxA&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADZIE7KuzcAABRFlWJFxA&expires=30
Date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LP9D8EUI-1L-I09C

0
131 B

64ms
62ms

Image
text/plain

145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LP9D8EUI-1L-I09C
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LP9D8EUI-1L-I09C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F640
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5488124a-7e58-4c4b-8e68-4599c4a8104e&expires=30

42 B
691 B

78ms
78ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5488124a-7e58-4c4b-8e68-4599c4a8104e&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5488124a-7e58-4c4b-8e68-4599c4a8104e&expires=30
Date: Wed, 22 Nov 2023 06:10:29 GMT
Connection: keep-alive
X-CI-RTID: e9891121-d21f-4149-a4a6-7a332cb99721
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame F640
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C

95 B
436 B

77ms
75ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9D8EUI-1L-I09C
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9D8EUI-1L-I09C

43 B
1 KB

78ms
77ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9D8EUI-1L-I09C

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
an-x-request-uuid: 8ad369d1-7357-4969-b0b8-057ac17cf7d7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9D8EUI-1L-I09C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

136ms
135ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 829f02748a0f2355-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 22 Nov 2023 06:10:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LP9D8EUI-1L-I09C&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 829f02733fb72355-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame F640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LP9D8EUI-1L-I09C

0
311 B

470ms
281ms

Image
text/plain

216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LP9D8EUI-1L-I09C
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LP9D8EUI-1L-I09C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 95ms
93ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-145-251.compute-1.amazonaws.com

Software

Google Tag Manager /

Resource Hash

8f4daf6a4f5de1571711648765359bb1d031a4248ea6af641481bc5f64c56697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 06:10:27 GMT

GET
H2 200 jsk Show response
ialaddin.genieesspv.jp/yie/ld/ Frame E08F 9 KB
4 KB 1413ms
660ms Script
text/javascript 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=26420745266&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&sw=1200&sh=1600&topframe=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 65d660b724a82af4a45be15cc1dd430b157b57794f2130e7d79a7c2daa7f6819

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame E08F 633 B
597 B 743ms
168ms Script
text/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by: Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"
content-type: text/javascript
cache-control: private, max-age=14400
content-length: 445
expires: Wed, 22 Nov 2023 10:10:28 GMT

GET
H2 200 pixel;r=69329588;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/ 35 B
372 B 169ms
136ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=69329588;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1150306918-1700633427310;pbc=18379837-47df-4402-b1a6-15a53958a4c7;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700633428063;tzo=-60;ogl=;ses=c134e972-62ff-4e9d-9ccf-2808a98fe397;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 container.html Show response
544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6891 6 KB
3 KB 77ms
76ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 06:10:26 GMT
expires: Thu, 21 Nov 2024 06:10:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 537E 6 KB
3 KB 273ms
273ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 06:10:26 GMT
expires: Thu, 21 Nov 2024 06:10:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 167ms
167ms Fetch
application/json 3.233.145.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 BannerAdBannerPlacement.js Show response
onetag-sys.com/static/ Frame 012C 41 KB
12 KB 60ms
58ms Script
application/javascript 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.25

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-233-145-251.compute-1.amazonaws.com

Software

Resource Hash

a2072fedb72268b355ebd903f03143bb9696345e74e6c4264232d91f999ad286

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2628000, immutable
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 11866
expires: Mon, 01 Jan 2046 12:34:56 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 327ms
326ms Fetch
application/json 3.233.145.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 46ms
45ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96aGVuLWhhbi1kYW4ta2FpLWJvLWZhbmctcWkteW91LXhpYW4tZGlhbi1zaGktcGluLWRhby1kYWktbGktc2hpLWNodS1kb25nLXNlbi13ZWktbGFpLWRlbmctMTRwaW4tZGFvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0yOGE5NTg2YS0xY2MzLTQ3ODQtYjBhNS04MGFkMzFiN2Q2NDkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDI2MDk1MjI3MTIsInJlc3BvbnNlVGltZSI6NzA0LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJvbmV0YWciLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDI2MDk1MjI3MTIsIndpbm5lckFkVW5pdElkIjoiNzc0OGU0YzMwM2E3OGMxIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6Ijk4ZThkZGVkLTFhMjEtNGM0MC1hNjc4LTI2ZWUyNTc0ZTNjMSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7221.700004577637
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 204 ping
onetag-sys.com/v2/ Frame 012C 0
77 B 59ms
59ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=kNdmQHFM7GcXBKDIWmiJ7zgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iMkknc5tCQtNxbH69hW1Df-1pFxtGLOtSmkDPYkOAUNe1O1UYbZiFKj7W_X6ntxnmWAzvd_vUXAvZf9pjDEbZxGCr1K-HCJpyiOPUv18-1zlUVI2sDmFpmBCm1yeTYjXKMgiFUgd8BthIhddZGuB9H2e7AVN8fdedDvOx5cypdV4ScSilT2gAqp7Lm6uNStXkGH-7YIRw6IUAXyEc-HlJZohvyQzR_lupPwvCbs6_WUEwmYne4rGqHm6D7A3XMSr_ZovlXqTHtGxh7Wu7saSMHq1HZwdmwsYe6nR1SDVBq3L_cQZcsacq69kteXDe7KVZ-OWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEpJ7L5H_VQfD5nP8mtxlQnzW5NeYtZv1VAbWpmqhsxYLSUGtRPuvpADyDVyg6i6LEdcyfrBtdgpvv1VpWuV3OQxIDjWbg0N6W2nnBvCyFkmNGl8gqa1LSz-cFuQ0ZJ_Ecec35ALWoqC4jUuGFHDrF5MJLWyYGaIZzejvzif8IOQn0oTQxWkFeqJGnMqQrt0iyq1M1sc7e8LGGIHQ4EPtbWw&event=115&price=&click=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 160ms
159ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700633423831&gcd=11l1l1l1l1&dma=0&cid=1270102663.1700633424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700633428&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&dt=%E9%9C%87%E6%92%BC%E5%BD%88%EF%BC%81%E5%87%B1%E6%93%98%E6%94%BE%E6%A3%84%E6%9C%89%E7%B7%9A%E9%9B%BB%E8%A6%96%E9%A0%BB%E9%81%93%E4%BB%A3%E7%90%86%E3%80%80%E9%87%8B%E5%87%BA%E6%9D%B1%E6%A3%AE%E7%B7%AF%E4%BE%86%E7%AD%8914%E9%A0%BB%E9%81%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=7294
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 649E 478 B
238 B 939ms
437ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYj5aW6QEwAQ&v=APEucNWEJyyGCLTW58RzyEb1ve0M6w1pRouPwc7Jv7K-e4xC_Iz2mEA6-9oDy-fd9ZgT5YSKY_8Ckey321p-7PUJl2aYvAK90A

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 06:10:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6891 89 KB
31 KB 792ms
288ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:28 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6891 42 B
107 B 667ms
165ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DA4ay7SHGCMGOooCInlrU2QlTgvHe4N2DNHHht34yWwcNoFZZB0mpSrpjOwsmKVxCRlnUoPTdqpJWMOSC9UIiTlYB32BnunAGS5qudUqCHDZ7nRso

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6891 0
349 B 666ms
163ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12114528323122122825&x=1&ct=77

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 6891 2 KB
1 KB 875ms
287ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253307&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0jDI5If9YZNGe9k9C0ym_X1&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=488999695&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:24 GMT
Server: UploadServer
ETag: "ecfd819e1e247598f4ed0f18c70f6f53"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Thu, 23 Nov 2023 06:10:28 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6891 9 KB
4 KB 875ms
287ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0jDI5If9YZNGe9k9C0ym_X1&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=488999695&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Wed, 22 Nov 2023 06:25:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6891 3 KB
1 KB 386ms
383ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6891 20 KB
8 KB 54ms
52ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6891 0
0 873ms
286ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlVg8tSrAujBjSt0TO0G_2GuhDEQVWdU02lBm-5xA_V4iDC_fonDJHD6iSChBM91zaor_ihzuMBvjvcMY_kuEr882eQg
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6891 202 KB
64 KB 56ms
55ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:28 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 7E7E
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.412638/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30_Qrtbdata_R5Jx6L0QThhK4XNCmh5...
https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.41263-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30;rtbdata=5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN_1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4...

1 KB
2 KB

670ms
247ms

Script
text/javascript

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.41263-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30;rtbdata=5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN_1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S_lJSQyaQwbEd55NJH88cEQbvbtvOTMy_pbEs__98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ_Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cfb319a380f37c2f7ffd071c15403410bc0f839e3e96743c56ea2403a33c9f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1025
expires: -1

Redirect headers

Location: https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.41263-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30;rtbdata=5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN_1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S_lJSQyaQwbEd55NJH88cEQbvbtvOTMy_pbEs__98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ_Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date: Wed, 22 Nov 2023 06:10:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

/
onetag-sys.com/match/ Frame 7E7E
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=70&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=onetag&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=70&user_id=702967506440777401&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=&gdpr_consent=&us_privacy=

0
340 B

79ms
79ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 22 Nov 2023 06:10:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DD37 4 KB
2 KB 38ms
37ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2185e0eb22b9fc932b242fb6ac738da1a3478969907af70e69df258dcd73cdc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1409
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

POST
H2 200 / Show response
onetag-sys.com/analytics/ Frame 012C 0
226 B 125ms
125ms XHR
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.bg3.co
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length: 0
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame DD37 43 B
442 B 347ms
175ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x27 config_version:"941" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:28 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x27 config_version:"941"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 22 Nov 2023 06:10:27 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LP9D8EUI-1L-I09C&gdpr=0

0
340 B

68ms
67ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LP9D8EUI-1L-I09C&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LP9D8EUI-1L-I09C&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3297053945854328167

0
340 B

157ms
156ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3297053945854328167

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
an-x-request-uuid: de4e0bf8-8a36-4a03-b1e5-81c8ecd8e47d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3297053945854328167
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0

0
340 B

51ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700633428987006-409

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame DD37 42 B
691 B 80ms
75ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD37
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_Wmwaw_BcT5I8KgRyqDxe2RaQmXAjOvdw

170 B
232 B

186ms
184ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_Wmwaw_BcT5I8KgRyqDxe2RaQmXAjOvdw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_Wmwaw_BcT5I8KgRyqDxe2RaQmXAjOvdw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=1548668815510508082

0
340 B

62ms
61ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=1548668815510508082

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=1548668815510508082
date: Wed, 22 Nov 2023 06:10:28 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame DD37 0
0 425ms
245ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DD37
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo

43 B
720 B

187ms
181ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YVF37RCSWCMM2MPGF7TA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM2NUMwMEItMDZEOC00NTBDLTk3QTctRDc2MzU3OUM4RUZB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=E365C00B-06D8-450C-97A7-D763579C8EFA

0
340 B

59ms
57ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=E365C00B-06D8-450C-97A7-D763579C8EFA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=E365C00B-06D8-450C-97A7-D763579C8EFA
date: Wed, 22 Nov 2023 06:10:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

0
340 B

160ms
157ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DD37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

0
340 B

68ms
67ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A
date: Wed, 22 Nov 2023 06:10:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DD37 70 B
148 B 78ms
75ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame DD37
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=

70 B
148 B

122ms
121ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: //match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
date: Wed, 22 Nov 2023 06:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.11.4/ 524 KB
145 KB 710ms
205ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.11.4/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230104-FRA
date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 16:37:54 GMT
etag: "dca7de69f28da40d65353c2e9323442b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 148475
x-cache-hits: 16

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BD4 478 B
531 B 568ms
289ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNU1p5IzfVWgYAAEBJOA8_KnhRdHU__3euulCBuITAVRQw23XqaKKxHMNr2TXICygGg4sp0fhn_KL8VdnRqxIuKxZFT26w

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 06:10:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 537E 89 KB
31 KB 1182ms
899ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:28 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 537E 42 B
110 B 447ms
164ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3HZyxcmMg6a5KhEMMyaYr6vCPLxCSDjr79A9yUBwUh0DLjtBeJmpQVFZvtcegRgIhdM7ARJa8LuKymUp7GNmc_wsrxliFhMNNe4gJ1Utql010bck

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 537E 0
56 B 446ms
164ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8837078115314595299&x=1&ct=77

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 537E 2 KB
1 KB 660ms
201ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253309&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iieL9svTVYkdiBA9yX8xDi&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:24 GMT
Server: UploadServer
ETag: "ecfd819e1e247598f4ed0f18c70f6f53"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Thu, 23 Nov 2023 06:10:29 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 537E 9 KB
4 KB 660ms
199ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0iieL9svTVYkdiBA9yX8xDi&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Wed, 22 Nov 2023 06:25:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 537E 3 KB
1 KB 643ms
641ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 537E 20 KB
8 KB 270ms
268ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 537E 0
0 652ms
285ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoU_3BHRUJfftBs3IE1jk_VdZs8yRUACrLylbTYPRCc-EjqMiEWYTj-XMUFm4P38S4IXc3hIGK9TMY7_lq7RjmAdv2wQ
Requested by: Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 537E 202 KB
64 KB 568ms
566ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 06:10:28 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 898ms
378ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:10:29 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E08F 6 KB
3 KB 76ms
74ms Script
application/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Wed, 22 Nov 2023 06:10:28 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434
expires: Wed, 22 Nov 2023 09:10:28 GMT

GET
H2 204 ping
onetag-sys.com/v2/ Frame 012C 0
77 B 134ms
133ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ Frame 012C 0
77 B 134ms
134ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame E08F 10 B
171 B 755ms
293ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HFTTDGWR956ZBT4WVRMK2N02
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 22 Nov 2023 06:10:29 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1BD4 170 B
188 B 651ms
650ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNU1p5IzfVWgYAAEBJOA8_KnhRdHU__3euulCBuITAVRQw23XqaKKxHMNr2TXICygGg4sp0fhn_KL8VdnRqxIuKxZFT26w

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

43 B
769 B

298ms
298ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNU1p5IzfVWgYAAEBJOA8_KnhRdHU__3euulCBuITAVRQw23XqaKKxHMNr2TXICygGg4sp0fhn_KL8VdnRqxIuKxZFT26w
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRO1ORJLj7oh%2Bel6b9igxfhqd4ycs0%2FcJ6dlkf2N0gRdtaHtBiNO4Qbp4c4DGu%2FwU8ykdEIX8DtuHWkyC2JpWAQ%2FHUrdCAiAmvyzSQF3I518uiNiuZyQMQfSZsQEcRlrm0%2BHoRqhYSMOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f0278595301eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BD4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

43 B
737 B

285ms
285ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNU1p5IzfVWgYAAEBJOA8_KnhRdHU__3euulCBuITAVRQw23XqaKKxHMNr2TXICygGg4sp0fhn_KL8VdnRqxIuKxZFT26w
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YojXjgfUjHA5Zj%2BkSktE8MxrHY5cZsSHTBMBabuxybVe8Avkv%2Ftysm8uBrub8SOaNdFPE8ASHrNRk4gz%2BToJMzPvuUkPcrYVdOLa3xj5s%2FhEJlUmFNEByOHnKZXuQZxCdNg%2FyuSnrX3V1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f027d799801eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 649E 170 B
188 B 912ms
912ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYj5aW6QEwAQ&v=APEucNWEJyyGCLTW58RzyEb1ve0M6w1pRouPwc7Jv7K-e4xC_Iz2mEA6-9oDy-fd9ZgT5YSKY_8Ckey321p-7PUJl2aYvAK90A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 649E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

43 B
734 B

143ms
142ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYj5aW6QEwAQ&v=APEucNWEJyyGCLTW58RzyEb1ve0M6w1pRouPwc7Jv7K-e4xC_Iz2mEA6-9oDy-fd9ZgT5YSKY_8Ckey321p-7PUJl2aYvAK90A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWf%2FtoSbS7uOOQObanU8ySqOUdVbTugNp00njcpf65t62TxvuGOY1F3OkdHDg%2F95uZ0PQtHw8xeVX4zV6%2BL%2FOa1VTgPQ5SsQC2rinZdULLdHtrUM7jpWGPx9Kt%2BhJ7B9YMK6Extw8aj2cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f027bae6501eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 649E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1

43 B
733 B

307ms
307ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYj5aW6QEwAQ&v=APEucNWEJyyGCLTW58RzyEb1ve0M6w1pRouPwc7Jv7K-e4xC_Iz2mEA6-9oDy-fd9ZgT5YSKY_8Ckey321p-7PUJl2aYvAK90A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4DZHUJ%2BpebLd8jdGoyhyrNkpPMWMb45b%2FsmhKbMxN970ESgk97VgwS2EO4ePwCyrfydtS7QFAal56zSga50IUmq%2Bdr85PJzotmr%2BWNI%2B1b8kpUkoe4fVixf2232Uo3jWvCQHqH9wGlM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f02807e9701eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKjWwbBGqo-5ZYlibWgMbxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 7E7E 37 KB
17 KB 397ms
148ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.412638/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30_Qrtbdata_R5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN__1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S__lJSQyaQwbEd55NJH88cEQbvbtvOTMy__pbEs____98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ__Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/OdPYx0yJoVq-Ig4NFApsUujjnSroE8Nfc34oC6czYQ2xKLttgvEELau_PVhORYfqdpazn1u5KviTMRVaglPdQ_giB7mjxlNBFicDcyUPQOOSAzA15EoXN0Wou_rKp291XC75oReHro2v_TLIKiRcnnOGS9u6qM2_nNT6_6op9fJVqHqWgDs6Y4vCNkyecGx6dzIcr1nBmYqgzsEvKvcYMQr8JKIeqSAhS6eJqP19yKaSqwRc2fc5pGTOHTG2pSCpR_kdzH2g7CTDvv6bk0p0QkNp0njmC0cm3AUOD7g1ShKYAu8jsO0MQqE8P7Ace-o7turLPxRW8NtaiRPj453pJwKRGmwn5K7wKwPKC1DxJ7D0ONjw1lxNwGsgGtOpLoqWWiKlbGzpjqk9_GhL0hSa_HzWQ4WKELhg0K6TiwDTmLwS9PJeYBmiUoCQ1IpInmxKM1bRaJb7qf3Tsfxjv4FiObdxruXK9fAkD9AA3iJCPdqDccS_Pv9k8PAgi9aQCpthRySflBmM2mjmKqAGnoJfOlmd1Y4eJSLaAb9F99wQs5F8qMXdv1FxTXjqUNfMC9NNUA4nXVkiVmvEML5RPzMu5Eb2U888nfCh4nrp4DZLzo3muNgLYwobjVbs2GEig-6VSUNu46u7OLL9MYFN3ArBU3pbwy88Vbbb2t5eKRaCvV-RxxKUOO_a2GiWmCX5tc6uYHmQe5irCy6yRqz4SNMRtQurRRn5NYHkhpv3VrnEdZ1eItlZrmLld4xEEqxOIUhJOZnhXb5ue641TrbDHNUhICte9Pd9-HEZdBhj6Xx7fwqa9swlYNFsEfFQgux6oZWKsb8T0-AvcI6eIijDcD5bkS2dqBTemn5DXO8umJBStPp0ix_IlZn8QUQf2FnKFBSBv4jE9hA33aJF-1kqTJTFJU6eyAcsw60WfiRoW0-S8wWDSfNhI4wexdJTu04jTjQ2e4j6Z-E8lcFTf20N8AZE3toolq6WqMlk_aakpUAZ25J1kjmvOTkk9-NV3fomRWAxNHjqaurO1UVeEDFPYm1IWPJvYXMmZGZsWOCvL0VQa1YfCH7r-v77n8G6sezma19Bk9_X7tee1satStgsbTWGDwwoOoSPpw5hrQfzWW7L8HsszMYx8aOfMXNly_I49qOWKko48Kqhetd-jfOZbs_lIrVnA5N2-GozM8nrlvpg-jmSEEqAyEH1VnoyktQHtdY-oAaNK492mq-qehkeZfyqiiugWkI8cDYhAqIYmTOloEMyq8sVO8OObMF9I2ddn_gML3vdCItbzwITHxU_TIHeaqrODr0J45-Osi9vLdpJg7wBK6kJxdtmhcIFSqcY1e4AyXC-3QNWzGrG4nf8IqKTidlywivt3oVwSwkQR4BaNOThekP4JnTh9HZxhW0k95Sa4wBk1BTAVRvVO6Pe5rE3GyI8jRDQr9N7mj7_KQeHgUXs0aIpbzm-3z6wXU3v3DmWLP28siU5g0IKhbjVzqKuoDt37WbNCGxUYbsIYui8WiNyd93Z1ROQBmDaefYyJyifAevnHquzusN3PR0bFyF_A8vNvr26WDMs86FSNO2nTaVN9eCyPDYWf1tIAA2GxYbWJQJ74_1mjR2ZrmDTVDu5LdLKOlXdTL2T9nZ2w3PLQZT2zSeWQu42XS83g2iHrx_vjAW2Wk3wCP21REGIrnzEf50Qc8ecX74OGtf8Sa-0Sj-HCXZiPozWOTMkHxpX1Redbmdi2Zr3NbS5Ib5po69AfxXiSVF1R8Sfo4etsdCT_VRubUFZCw7IJ5ben6geIJnoyRNdvO8/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: UPDATING
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:20 GMT

GET
H2 200 inview.20190130.min.js Show response
js.genieessp.com/j/ Frame E08F 5 KB
2 KB 392ms
392ms Script
application/javascript 133.186.12.16
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/j/inview.20190130.min.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p016.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 06:15:01 GMT
server: nginx
etag: W/"5c650765-13cd"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Nov 2024 06:10:29 GMT

GET
H2 200 jstag Show response
genieeintl-d.openx.net/w/1.0/ Frame E08F 49 KB
18 KB 331ms
148ms Script
text/javascript 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://genieeintl-d.openx.net/w/1.0/jstag
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 139ac56b5f423b27b2d9ac0d217ad2cd17e589b54472e46ed47a01f986b744cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18069
expires: Wed, 22 Nov 2023 07:10:29 GMT

GET
H2 200 gl0
ialaddin.genieesspv.jp/yie/ld/ Frame E08F 43 B
245 B 330ms
328ms Image
image/gif 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/gl0?zid=1551001&asid=11030163&idx=0&cb=a3de1ac15d&l=p2K9JnoLrU2Vv-zG0m6mQ42ieDaVx3C0dsWvTQlf8CKQnpTqjUFWZ9rboEiHO2hWJ9skxX61Hiht__UFSt6UyQ-L0U5QqFBOzphya7GR1K7HwfWSXAd-heykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnJwj3NCDAy8XyEYf97PsthiLwDCxDPWEgGgs87CNhetpX3CHzNgUWetnyxm6-NH2aLfwyyufqHKz2TBWdb81uDGhalgxcvTiREG7TU56sZiSUwJjeKrGKKorzydPtOgpNKSf0AoqnoVAj_6ozLXzFBOuSOAyHKVoISzhBLh84WpD60EgEB0jbtRmN59fuWyGt1ysNl-wSuXMdSgIeEWCgn0jyet3AHpH67VQM2zuk8mgaTdg-FU7oJy0CU-M0LMoZTtNPJnSM_owSEuxB04IgujNwbGj8uEwcnwCVMfTaE_zSsmSu99Sgrcd6EEZuS2iA8PFKdYJuuD8ORtyCia9ks231s0QS0OG3zu6F_LadmXz5SL0hj-s1OkaVz27G8nDY5mUu6jzhgSZhpxlBi1_bOZ7QJVPs0rkPTRDN-8drF6ylATqrGDkpPjQCp4qMJO_9wzLZSt4fxSpxxl18s6zO-_4v69FNNYyvh2brg1x5bx1WwYvDspKb5XeKnFO4cp2cNzxLrsKa1GcqnaQu8eMj5t2KXR5RMdzF-yTi2-HqZP5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cs
cs.gssprt.jp/yie/ld/ Frame E08F
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
https://rt.gsspat.jp/lcs?lamp_sc=aladdin
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=e291e2cdd82a56f2abb3bee7ead582ae

43 B
341 B

311ms
290ms

Image
image/gif

222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=e291e2cdd82a56f2abb3bee7ead582ae
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=e291e2cdd82a56f2abb3bee7ead582ae
date: Wed, 22 Nov 2023 06:10:31 GMT
content-type: text/html; charset=ISO-8859-1
server: nginx
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

acs
ialaddin.genieesspv.jp/yie/ld/ Frame E08F
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA9NpYltshds9GH4_cp3sQwrjRCciqYop8-6Or8y0wRlw-nR1IsWmalwTlLjx57vnNg&format=gif

43 B
367 B

300ms
287ms

Image
image/gif

222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA9NpYltshds9GH4_cp3sQwrjRCciqYop8-6Or8y0wRlw-nR1IsWmalwTlLjx57vnNg&format=gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 22 Nov 2023 06:10:31 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 43
p3p: CUR ADM OUR NOR STA NID

Redirect headers

location: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA9NpYltshds9GH4_cp3sQwrjRCciqYop8-6Or8y0wRlw-nR1IsWmalwTlLjx57vnNg&format=gif
date: Wed, 22 Nov 2023 06:10:30 GMT
content-type: application/octet-stream
cross-origin-resource-policy: cross-origin
server: nginx
p3p: CUR ADM OUR NOR STA NID

GET
H2

200

acs
ialaddin.genieesspv.jp/yie/ld/ Frame E08F
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6sktT-sMa5AFUyEKEvx7gzI-hl9aHn7AUfA8myDtQxx4joE-tgGAyP2RrR34tgAug&format=gif

43 B
364 B

468ms
463ms

Image
image/gif

222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6sktT-sMa5AFUyEKEvx7gzI-hl9aHn7AUfA8myDtQxx4joE-tgGAyP2RrR34tgAug&format=gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 22 Nov 2023 06:10:31 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 43
p3p: CUR ADM OUR NOR STA NID

Redirect headers

location: https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA6sktT-sMa5AFUyEKEvx7gzI-hl9aHn7AUfA8myDtQxx4joE-tgGAyP2RrR34tgAug&format=gif
date: Wed, 22 Nov 2023 06:10:30 GMT
content-type: application/octet-stream
cross-origin-resource-policy: cross-origin
server: nginx
p3p: CUR ADM OUR NOR STA NID

GET
H2

200

cs
cs.gssprt.jp/yie/ld/ Frame E08F
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
https://g.c.appier.net/ge
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=4EF1mxqYAsWOcWr4V5tdZQ

43 B
338 B

312ms
289ms

Image
image/gif

222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=4EF1mxqYAsWOcWr4V5tdZQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 06:10:31 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=4EF1mxqYAsWOcWr4V5tdZQ
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 97

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6891 0
56 B 367ms
366ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9851237016770&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6891 0
56 B 363ms
363ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9851237016770&version=m202309260101&ct=77&x=1&cor=12114528323122123000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6891 20 KB
14 KB 155ms
154ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdWu0bySOp9zth0PyGxm6OoogSfaMSbR3GSFrrPJwgHIraGZWBMGgnwCmZfydrqa7pbO1rOeOFQoxwISXfL7DsQ5E38j9WEYcWg72pssI7D-LanbFdK4Frr0cM8yS2gjnOxi6JIhzZTf4tvEfBqY6eT8N26BWLGH5hS1EjuvET1uYhh3k&cry=1&dbm_d=AKAmf-B9ob5uhFaWfFRbShyIUVBCE14LK5CNSKT9FAc9dFtPNUtCUAVi-HQ_j0tNUzCItYFgD8y5qmdtqbx6SbP8fqDiyJi91RXtWgobfK7tH0X6qAVtggyIEGV8YJjCfEXwrUd7WqbizkmJXM3G6lO2lnGOFVIqD8SQAEek7QZz4a6-OuOcGYjjqcQOQ6kRMbT-8wii-Ec6h2v81Meccx7zFLRXadzJcS0yn4b0sbSZYccOtSCgHJaj32lXRVfX3rnEL6plxo8swVciXZZp42kpWhBSNYladH4KFZ1WR8LnaX_SW5xetfa647q5oSZJsTrTDHC8dvaI0XU-vDhzcGQPM1LtK97iO_SJvagOEUcIVriotblGxp-eb84huksb0JNoaW8ajSewk_uqQVsFOAW2ZAfhnemMeCDtvkdW6AbDVHR1W6guyWGfwQId4KVB-66JPuXFjnn2DHJmygI1Jyvz04pqPafGAsZn6970RaMcamA67q0f9FK8NmN-1vPFIe6w7qLZbx6KsvzHp3RV9TCtk78gtCFf8Beqzi3Ac8UEmpMnXy0V5nI4ZEg2ACRpVxxj7xO3PLYy3FEBGMKktY7X79yVYisdfFhjgiYsYmppMxq1-gZYT99-OHlZOiFTLTK6PmwmQx-LgjZ9LJmv_Nd3jsJ9IdCemCsOskrOpsp3OY97GFskOtCTWm-vRsO6vJjhuKZcWvKPn07eVva7w4ndXJhbGC87rb3p07ihNUDdt2-KiRYwHfFco8diXLCaQ2gUPAS5LYMUYByizNCtKuoOc8kjvgfDiAUZU1vUTLI4Z3JTXpK9g2teNJmKVHqS3mgMd9osAezQlkeHX8_kqAIVcU4093dGztApaKUWpV94MkpD4KNlw2myhGxjCAfOf391e4_wGVFUnEWILbNP6lHmO927fn7Ia0Mii9Gdcp370YpPDcUiIUD7pTJoHz_B34oO4ZwikfnpVHUDQJ_URa1SMzb-ELpaHUOIQr0etC0xhF_jiqkBgGZe5EQqZDpwrxpcl4WTiADt5NkRp_wIM61O-vFNWUr8H213RaxZNbhKwwyvmz0lXuIVj7zcfUulWuL8cDcRG7jlgJn-3r1uR-GuSghVUiHM48xDSspYUomgNyzjwO_F43eD-dT4rCOG5Nfy8vblxGX7qtdvNiGM3b6OlGnf1dhOP09kt8PODE23hCcF36RGGvI2DwCs6e8AdHO6lmO0dxPAdjPc_-FSCxXu8qNTypWH5uUi1w1iQpm0l3GzeQcIuRw76TYz_Hr1UgDD6EikiRAZCQ28c-BGRj8bNIBb3DuTB5u-OjPW9EvkevwGIX5J1jkS-2NaNZ9M5bebLZJEPqsgeYUD7Q4Oi1fmoxXoxtpDILInIRpgKV2LSMehEsS5vxfVwIENwUtGZBSYfWHp7Js82Ziikg_ujvf_2YnkBB-0pecprZMdT6CMWvJ7UkNbUFb6iZbjb6vqlEfSh1vsvBs6-owhtsCQCumT26iBzLEewIelBlwBwDHDM5z0soRbFIuKYMvhHdx75WN-rtZsYefLE_4CHhx0nf6-TdKt0pCvrn8LONtODPrlhQTJlJYw5gokUmGAQQXL6bMU8yP2N6ooprMh9c1h5zOe8nolvRWADOltNAMp3pN1NCLYFZ_H47m9PrfXMzClXUzA9Xg50OiQ4yFwMInlODQ2byZ0t8o-pthifvHXqHZYIDRWQQmq4ghMU4VxZji2VFuE05ecZU3hBd51whFT3ZImRvRfcc7e3p9mCzvH-uvjzlrDTe0szu0ox34RVgNVZeS9GveSnOKbCJxQLnAsrwAbLL4nvrMJi154ayJD59_F_tPprzAIofao_IpK-XL00E_9zPtsNqw_C3B8ltoP55QNQeUY0X7JQ5l6VtaZ9n8HafoBMhpeozaP8yYlwtPPLn-nJrBVOhRKeYK33JW_n3N-EnO6avbVA9KzlIhZ0JmOw0xiPjrB_nXnOfZOcRzqz_P_bIwPXeELtlT7-DvhWyynbHAJNIZT2no_5XDnMgcDQQOSZWtHwNOWWerMgSrjgPbbn1nfLFvxFhjPpjAPXTaRC1rHUC-KeUYMA4r7DWwp1Mc-MTBjMibm2BU97aN1tKoNcnLEmKPN3Z7lYCKtl7uHYZ5X3vOsPBXD2b_CoyRVMeoIYerf77WaXdqbEW7DYmNHnd9022wcN1jmVLIo910stTM39kKKene_7oy-cTC6D1k_22rrFZekCqsjwp3fBhli0_oEZXbK9yTi5Xc6sTvmZbJqCncgBIXCuS4sd6Ez31hNEAQNP7LASoPCd-CJZToztXzH5Cx1gnhXJSN9oFtTqI5097Hx-5hoz-wvZbVhNzB0Sawdhag4NrBqUBwIfHVubrTD2nrVjKiaEKutvYGBdToVfdOqj2UIB3mKzASZsw-ZVsJcl6SjdNeW_o7Bjnkesa26Vu7o9h7fSIFpiUDWS5FdCI3ZDzdckwGtpdeeoKF-A_GEbEHo7Ptbe2nd038z7NvNiL73IllQp8OztXHsWRDLIEhnaESUxfgrIJZt5mLJm-fM1dj4QBGfre65fbdiFXUsaL2tzH9RNFKEJ5tF-854KbDXPt_3-MKUVLXPuK_rEpBU1_gC43HKbtrscosO1W-dhiIBg-t3auqLfzMCmt2d9NlTzRvNQErgqFscpLrEhiI9CyEUgSTq21IL-WfzU09zKPW8OMmTepLEudt53I2eILrGHy6aF_I3yA3ssugaVY6osb7PInkbkQoxHv_MA4Pp7_PdRTvv3qihKUup1qyHycArnPrI7KD2ick4WDeRhiNXZm5fMIKaHFMUzme3QMmj4HMvR5dpw2NbAafSQeLCz2xdnZXtFHPQ63i07xAWiBt4VwJGTsxXi860_Z5MJ8pDPZkKtDrhWP-0nBKCLbZJBB8S1KtZJ1WuTeM0tfw1eQnCZBQesNkz0rYmHzoaOl3DpMb066YWzUPr9PrdwMdMqsI7b2Wr7V4oZzT9yXp2_M-7e8Cwtpwp-_q7FoYVWTMjyWtaAF_GlnQnNlZbjOyH_F19cw20gI7dEXzAL2yZlQQPbHCUZ4umuzz4YVyplqZm_ACmNoxvGqLlRsfQ2_VgJTyB6o3scmrjxMxMwffL1bFOFy3FasBOBnaY8MiEhWhdAI5GKLOD2hjBhLC8MPc0RUz9MTPeQW7YIed3QV8ZKD9NM1RtuupBP1a2QEIyAM6WdqChrKV9bIUH9uLnqCJUY56YoMNLFF1j1l3kYVcvrNp_lua7iR5u1ttA_HUnfq6CxEiNb8jQJdgqRSzozMP3EwW_90J5cyZ-WFecPaYfnU3hGGVx6n7WEmR1SwsmuencQdnMO52WhzSm_IzLTlCTaBx-o0k9ESt03klXzFSNJl72wGZqA7PlZqzNwMkX9mEbNerp6pwFnEX-z8w9T3e3H1rWHXVvHpcT0nkvSQLvC2uRm0Wk6WGPN0yf7hx-kK2otYfj1vqGUnj0yrAXNQg1f4-O95RL-Fr1n8kF66Teh6nIofAZ7H9Deyy7zqjr6RmqXUK9r67flVgKA0AcWos2xHTNrR5C5nVjCKWQJTr7FiO2gPc4CsaoUeaRaU_GqfU8PTkt_R2JnOqNXCit_VgQrJ8h57ICSZDTYYVpZHce8F79NVHftqjmxrZnH2P-qetasc-pA7lCuqdF-mrmnAtfjzUTQoh85VSmi1Bc4uUsC20ya6s02Xr938-GpKV4A5lHRmIQP7oJY4c0vySjADH1-c2qXbRnxMuxipiXO26ijHobGWDjA5N40g8awltDnsSI-sWXxZk2T-6dDoVzObPP7b2V-RyZfSqBGy6SgKFnknIaY0d3P8Jv_4zUoV2BprIxx1OAyO50h6r3Bgg9wTyIihFQxfyWyfoCbNEVRSUIkATRkSrRnsRNQD7NZO5rWrE0feWXTLvR5-Ap-ERPZkzGDkTsXNAuok7RPYbKQlDSBwAMSio3PwEb-xmh1wrKYTiepSIhIXQSXLBZ8_gSHqbypIJjh7GYMqRj5CoMVafQ8Kj3wQ5dFYC4gQIGDjMcu9E_ZlXseTgmNKAtHH8t9dV7m95-QotiPHDOKy67-uW84v2WXy6rZ4uTM5KgrsGT5vFgA1HJysbR2wHwdVpBxYg8Z4eXINUHcLs1L2pBaGklP_cOUSk&cid=CAQSOwDICaaNHptKOG04QbCmP7fDMckfNPT93H6-96zY4KthZAtqat-WpwOscsaqeJsFUWShwfrTDk01A0D4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=12114528323122123000&adk=2228999115&idt=1317&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da68b30c03d2d60900f22efb29823e642b769384a0078b420dc84716b1aad590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13964
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 1069ms
618ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:10:30 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 537E 0
56 B 270ms
270ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9876814969544&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 537E 0
56 B 206ms
206ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9876814969544&version=m202309260101&ct=77&x=1&cor=8837078115314595000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 537E 20 KB
14 KB 268ms
267ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpfuAm8J_nsSTpAbrvomGmm2o2hSdF2tnqhLX9BVazxzvNYrPG6EdHovh8KNn3G4HBHX-9WD3xjl8lOYw1oYga7sIBk-1fzFihT4IO7hLZGY2So__Ao54YYZ29dAdYO9JULb14d0fRru_lYQwxSHyGgFcIO48lKwqPC3eGp7YZs9gibKc&cry=1&dbm_d=AKAmf-DpLHh65LYE8OIEEGVFpkJzgo3h9L6cqmpeKpza-FdSnzT9f8gCoFcR5-LRlcMP5QCc0x1p6KUHtppVtdIEVK6V99Inl4MOZ-y9Y9nTffbpuL6GvXB_HILZLk2a7bIzYa76XQcsUTRDqT-y2fb77bNYO1V6fx_ohYY-yOll9Y4ENXItw9AqP75WWfRYUKWW7IbVTI0btlaTGUAtQFksBz2P4w809iLAMx_gPc7vz9r_DLAGACdOnN17Rf1bS16eQomidMc7FydQ-yagwznRzSjiKj6WdP--ULKo_6PzhIuLrIA_bY5-ASg6E-7Dbpq6wJ2FqmDoJE9omsH06YRw7BiRV7BAyRsSy8c-nB8MTbK0obf-z03uFeRZBwYElfyvdckndoXunxXflDBrV7jU1BJw1dwgg0VLOxxeI7iaxwGIzPq3OYJ71GhCmx8ui22Fafl9nuu3pw-QoqEN2rGjpMaiERNSvz-WPEY1Ms5TsJnt3WqPF1T7Ms4edjEUxYiS-wBHdcugwnTOXBYzi_hXDYxqcVgxL6OVzWXMwUNAyL9_cf6YWSzg0WyTzELTsPRtbUJ3o-xH1Zk0A0q7P7AOaII2JdCopptgUe2syUaGiyy4G07yFOhtL5BLG0doZWq0nHlcVcP0qS3d5QTKjgUd47JaBDB1zqDRNM7DfR84drQvBBnBVVNsp1h_g1Enu56wX9SwFqq6pRiOuADTXuHXicXKInCQ9dD1eVjQf6lNcJpz2fn6A3-qRytyOD2dES_DOBoYyZvAm06zI0VN0TKFoGTE4R3XX6hoj0e7Lg0SnioSlYv75i8UHP_M9LRdHL01TP8C4NtmyTOtgEMb6tJ2luV3W_WtgTTKKwxbTgakYQZAdCjEAjqS5RPw0Dd_POOXcYpJka64vOG1APilV9Z7kShChndsnjV-M6JXWuK9FLzyTu0JanSF98Ghq5eyy9ArGkCK8AinsUbxGSYrokNoMB5U4nA_cMAQs13gbpIYU2_Mzpg1KT1HqmVDG6Ot5aUdl6InT8PI0iBlRxWHAfFL0nd7nBpFE_CVfZoc0_J2zTl3oHKWfRPznSCX_Vlu0s4KIlpPNM8SmPGrE7xIozNMG5EWBjF8x88dsYWDqt_ENdVziZi2mTNw8MVdngLgelS1CJ-ESIpbauU8D-mI2EWVC83ALoTYlz6P-KoHJ0rTICuI27GIjj1sirgL_R6TI0YIGXu05nfsjM8xm11C1Q7-G86CD_UHCaJEmGsdIJE2oSZQtaP2aoymmQvOONANczLgU3F2qAA3RltV-0tM0rXgCNeAqNChz6DZpNuGQCzF6ZyJ7yb9tfhgilrIAnZkL51deRxK6gi_Q-PlGLHHmW5DTTdyRvbpj16RMjOmds5wqHqTHFfrxAqqr5niDybgauJHeFgBEJwSpxZpnh6zKOgCID68dK1-mj8JkPV0fy7gcIzggS3xn1ZXkFQnttTKa8Dx5yy7Ze17-xV_e07BcUE-3bKl_yrNneAOzLxNLvD2NpLhIUS7ssaSnfbCxO5QZCesDqDO1SS91Cx-kIEEWDPOyPhj5YvthLIAyIC8-I-FxkjRgpO8zUJ5logc4gtl7hFZZdq4aH7k37A9PHXBccbsiXjWH4E7PL2rDzuOxgULWUbAUXXoHsITyR87XqeQIocCduYbQVtzoGp9ju7U1AApgrwODRioG1vEEWTkMGeyy2ZJVDwE4N6KJYyhlvCamqGqshbJ8vx3tlwpPpTLvIonrSt-Zp1mBF-5sdJnlWoaWkbz8Tl3vEsINoHxFpP-cB3GhQlAVRRq_lGT06Y-OWq_nh53C_IsKb_Q26xv5qZL3vwxttmJhzaHrn0x_RvlgJgIWAUZlDo0FNjzGVwfBarSZOFc_5kVfmkjHjNdkejhqUjvNHmtsQbURlpl4pqgKjMNI77hZEnmAB3nG0e5lB1a46JeU_62_9GG4wLoEM3pEtES2N06XPf96CEqJzaGZnz11TyG5TlqVUATiP5G_rkoYqfDGjAbMPA3SN_6S_QbLpAuKsPIQMKgNk0TlG3hawdKbm5VnjnltMjaOLKqLbhZsZtPN8myxLrJKUVL-rYnwTctOODwwszFKwDjp6JFOCEBuiXhbMElCfB76PUXoMJ0uP-CJz-QgP9gXpnNyk9IDPyhXT1VsabYL1Ls10vPkfgEuxj_Xvk82S8-RKhoQcNwfOa2HPmu7sEWfONq4S-Sw35pc1q3uf_QTdDM-x4M-4LRTPr8S4oSyKRIgUtM1XvU0d0cdGESj_-MVNMgGhBw493eKQCCjYzZkpGsyEttrYmJXlEhkGaPgc2iP_xN5hEzEh29op6uGI56KjDUkQ-Kf-w7kAKSiTTxI9PGaUMM55LhJyOMBFLE2SpRYl0GTr6IpefKckGx-N6DWvWTdwRAAykfQ2HY3D8rL2tShCXCW_4ppltmCktoqBn5AeEF2RSxx2xFoQPs_4LrcLTLn7dnXrbQaFJ6dSGB7KaVaOb8HkLnCClJ2Yi5TADK44b-Jm5x_ooCFB5MJXPICm2Z8_Ib5N8Ofbq59pIUO3jXrNWaXN5chdg1gArbCnEdlIMbxkQaP1lVwQJq-gCEZ_A0ZmCBIP_IZtBxNf5LVQQio09_B8PwXV40rhntABgPfPvdesm4XpPp9dZ6oHwwh_SYrGyKdOKsCaEhoWcgxTfxiUeM7xE5zjcNkZ6-AkWvBnpL98gUSUCn9TCB2AD6Ub4CO5Wuvdsk3ZRF8nbp-dsDY64Q4019T4I0WED2uwoX5tAbevYTf8fzL7Ux7x-QRkNkB92fpi6JxRECS1EX0y4PlQHSNosF7k4viKoIMfP-okQvuSZbNFTVIeXmK-I5ck8lVOgNntwMw4pawRC4vYJawHXqlMjnoq-qqOQM4mGCiIWN5usjO48GaXnCeD9jxPUVtSXqm8rqoowhIo0Z8u5A-Xfc8oSio0mztEEkd45GRuxchu6uEHtZtOwoPug1irlDDQ7ThaMeFyToE0eTRoMg95bljQnUrZ_40MTB5Z59E9fwNHqtJzUx79TAFMb5mm4HWfmx-gLfppqwPbxFFjplIxSgH2yfEgKhTrQQG6wMNE7jALjrIGWet0aEqZy7MiuvHILAPJMZJja3AtEp8S6XSFkIZTgzFhBXqSMyZaPiUrosWUYQDKDKz7SnLt6DWC5xXhkjGepF8mJeEWBonTb-ih9sJbF_xvqMHzAij7CmV6lrdAH4gOXwoZ37wm11tv6R6iCjUR_PG1XGUfLxBJs3FIb3184SHTEzTQMa8qjpzC64JyouFRwrYOt6gOngyn38YwfM-Tq83n_qGQ9E_1Qre9bZgaWhr4mKQuRs-noA1zrj-uUi6wZ__hgFR6hnMcmO1h5yX9zV-Qa0NEPI-zCNLRJIT0A5vpa_Kzh0rYXKofC14d6-qGbgIuz3Ljy69TPP1D_oYXyFArAhQU2eWxdPSzLgvsOlDUsDdQ8xkyj6gHDnV5LcX7uRl7xHmdMZQzwTVB2rZ49ztQoiNgSl8S-YMEG10xQWzLR7uDhcJvyVHiL0qs2FTevyXc3ObnU4Ms8fLdqqO7rfZSAK6yGzJRqkN-uCdAR1PznBVcQfy2vPQQyHke4Am2lKwXfRpHanZ0pwCZk99cuXB9qouCPJ2IcmfhA75qNbbiA4YI9IeiX550Y5Ic4qq5yDJH2Rr9O2vOn-d-4IP1cPxq7Jp5zlcKKF4ISNhr-ghGISur1TvHcPDR3Bgh5NvTBgCbny86uldy-5ixJn6KnsWrxx553nmrAqy6X8MMUmN1bJMbfYLbv3D0rg7gNWVPHTrAUfC3Yool1dOWT7-LW6C7AAXmnWmIJX6baBSvF_iskXBWmLcMXdUdJ4aC0GQ08f2teCKUiyTpkznq72j_bN7uAbncwheL6Is7dYLw6DgIzl-etVDcTG5Alhewh9q_I9jWXSxMuhG6GKpTMR5GQ1EZQh83iMB8PvPCO6b-51Dfmh3NXjeNI-LJIytbgE6_wGGchy5EjUrXjsFciVBbCGZK0iADlD8ZwzGwb4DkkpwkRoRA-B9wGaL_qa2heAV1gttT_G4HUDkOBBCIDLeop2WX5t5EKqvikauy5HhyGRSrc8hLG0cpUpIcBZ3nqGD4Wl-pGW-bjva3uSrPr6AVQjpVUNBRM&cid=CAQSOwDICaaNHptKOG04QbCmP7fDMckfNPT93H6-96zY4KthZAtqat-WpwOscsaqeJsFUWShwfrTDk01A0D4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8837078115314595000&adk=3047537735&idt=1360&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3f52624dc23fa221435871f7ba74396ae6149595bf6beae55b46ba96b0aa4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13913
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7E7E 5 KB
3 KB 108ms
107ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=68934215;rtbwp=0.41263-xNdR7SzdWtAlBC1XucTT3ugHg6zLJ-X30;rtbdata=5Jx6L0QThhK4XNCmh5bO5VK-qVI8CSOUNxpxAQCF5ptzfT45HjTjpuN_1Ynkn07DFMGmqtC2H4NGZm09yRIHFZlkfych4hZI9VbzYw3tmzqG4ZevaM3rWTrZKTV8Y1VBhNFK3-S_lJSQyaQwbEd55NJH88cEQbvbtvOTMy_pbEs__98DfAgNaSHmrY-MEG7vw3RIFXE91FqrVOoKh7JTAv21kHdFaNO0MNmdWtf3Jk3PSR51BlrxoXZXo3T4B0bZ_Ui9ccdXRTYjLmW8vfsBGood2eCPir6ci9pYnHSjOeQHbgsUbiH8uMnkkJIQ1pUM1z0UFkcNjzE5kB31tK4hrtcJ0JcYRlzWh-26oCjOxNe5GSRTThbU1GhKWuAwb2ycslAZDcdgAMw1;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;3381;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4505ac05e9dbb76d8fd17c3d55710cd340951877edecef526e6b48a18b8a3d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2636
expires: -1

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 111ms
110ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-164
cdn-cachedat: 10/31/2023 18:59:58
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: a044f1577e341a6238db9090ede2c6ec
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 402ms
401ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-676
cdn-cachedat: 11/15/2023 02:37:50
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 19389a979c67587e286340832b0f1500
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 580ms
579ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-588
cdn-cachedat: 10/31/2023 18:50:43
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 7de4126fbf4fd5609fbe109e02cc9396
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 579ms
578ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-168
cdn-cachedat: 10/31/2023 18:50:51
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: bcc2df6d36b8e52cf9a1e9e7bead7f46
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK c2ec21dd-6261-4b3e-96b0-9d2f257e408f
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/c2ec21dd-6261-4b3e-96b0-9d2f257e408f
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6891 41 KB
14 KB 53ms
53ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdWu0bySOp9zth0PyGxm6OoogSfaMSbR3GSFrrPJwgHIraGZWBMGgnwCmZfydrqa7pbO1rOeOFQoxwISXfL7DsQ5E38j9WEYcWg72pssI7D-LanbFdK4Frr0cM8yS2gjnOxi6JIhzZTf4tvEfBqY6eT8N26BWLGH5hS1EjuvET1uYhh3k&cry=1&dbm_d=AKAmf-B9ob5uhFaWfFRbShyIUVBCE14LK5CNSKT9FAc9dFtPNUtCUAVi-HQ_j0tNUzCItYFgD8y5qmdtqbx6SbP8fqDiyJi91RXtWgobfK7tH0X6qAVtggyIEGV8YJjCfEXwrUd7WqbizkmJXM3G6lO2lnGOFVIqD8SQAEek7QZz4a6-OuOcGYjjqcQOQ6kRMbT-8wii-Ec6h2v81Meccx7zFLRXadzJcS0yn4b0sbSZYccOtSCgHJaj32lXRVfX3rnEL6plxo8swVciXZZp42kpWhBSNYladH4KFZ1WR8LnaX_SW5xetfa647q5oSZJsTrTDHC8dvaI0XU-vDhzcGQPM1LtK97iO_SJvagOEUcIVriotblGxp-eb84huksb0JNoaW8ajSewk_uqQVsFOAW2ZAfhnemMeCDtvkdW6AbDVHR1W6guyWGfwQId4KVB-66JPuXFjnn2DHJmygI1Jyvz04pqPafGAsZn6970RaMcamA67q0f9FK8NmN-1vPFIe6w7qLZbx6KsvzHp3RV9TCtk78gtCFf8Beqzi3Ac8UEmpMnXy0V5nI4ZEg2ACRpVxxj7xO3PLYy3FEBGMKktY7X79yVYisdfFhjgiYsYmppMxq1-gZYT99-OHlZOiFTLTK6PmwmQx-LgjZ9LJmv_Nd3jsJ9IdCemCsOskrOpsp3OY97GFskOtCTWm-vRsO6vJjhuKZcWvKPn07eVva7w4ndXJhbGC87rb3p07ihNUDdt2-KiRYwHfFco8diXLCaQ2gUPAS5LYMUYByizNCtKuoOc8kjvgfDiAUZU1vUTLI4Z3JTXpK9g2teNJmKVHqS3mgMd9osAezQlkeHX8_kqAIVcU4093dGztApaKUWpV94MkpD4KNlw2myhGxjCAfOf391e4_wGVFUnEWILbNP6lHmO927fn7Ia0Mii9Gdcp370YpPDcUiIUD7pTJoHz_B34oO4ZwikfnpVHUDQJ_URa1SMzb-ELpaHUOIQr0etC0xhF_jiqkBgGZe5EQqZDpwrxpcl4WTiADt5NkRp_wIM61O-vFNWUr8H213RaxZNbhKwwyvmz0lXuIVj7zcfUulWuL8cDcRG7jlgJn-3r1uR-GuSghVUiHM48xDSspYUomgNyzjwO_F43eD-dT4rCOG5Nfy8vblxGX7qtdvNiGM3b6OlGnf1dhOP09kt8PODE23hCcF36RGGvI2DwCs6e8AdHO6lmO0dxPAdjPc_-FSCxXu8qNTypWH5uUi1w1iQpm0l3GzeQcIuRw76TYz_Hr1UgDD6EikiRAZCQ28c-BGRj8bNIBb3DuTB5u-OjPW9EvkevwGIX5J1jkS-2NaNZ9M5bebLZJEPqsgeYUD7Q4Oi1fmoxXoxtpDILInIRpgKV2LSMehEsS5vxfVwIENwUtGZBSYfWHp7Js82Ziikg_ujvf_2YnkBB-0pecprZMdT6CMWvJ7UkNbUFb6iZbjb6vqlEfSh1vsvBs6-owhtsCQCumT26iBzLEewIelBlwBwDHDM5z0soRbFIuKYMvhHdx75WN-rtZsYefLE_4CHhx0nf6-TdKt0pCvrn8LONtODPrlhQTJlJYw5gokUmGAQQXL6bMU8yP2N6ooprMh9c1h5zOe8nolvRWADOltNAMp3pN1NCLYFZ_H47m9PrfXMzClXUzA9Xg50OiQ4yFwMInlODQ2byZ0t8o-pthifvHXqHZYIDRWQQmq4ghMU4VxZji2VFuE05ecZU3hBd51whFT3ZImRvRfcc7e3p9mCzvH-uvjzlrDTe0szu0ox34RVgNVZeS9GveSnOKbCJxQLnAsrwAbLL4nvrMJi154ayJD59_F_tPprzAIofao_IpK-XL00E_9zPtsNqw_C3B8ltoP55QNQeUY0X7JQ5l6VtaZ9n8HafoBMhpeozaP8yYlwtPPLn-nJrBVOhRKeYK33JW_n3N-EnO6avbVA9KzlIhZ0JmOw0xiPjrB_nXnOfZOcRzqz_P_bIwPXeELtlT7-DvhWyynbHAJNIZT2no_5XDnMgcDQQOSZWtHwNOWWerMgSrjgPbbn1nfLFvxFhjPpjAPXTaRC1rHUC-KeUYMA4r7DWwp1Mc-MTBjMibm2BU97aN1tKoNcnLEmKPN3Z7lYCKtl7uHYZ5X3vOsPBXD2b_CoyRVMeoIYerf77WaXdqbEW7DYmNHnd9022wcN1jmVLIo910stTM39kKKene_7oy-cTC6D1k_22rrFZekCqsjwp3fBhli0_oEZXbK9yTi5Xc6sTvmZbJqCncgBIXCuS4sd6Ez31hNEAQNP7LASoPCd-CJZToztXzH5Cx1gnhXJSN9oFtTqI5097Hx-5hoz-wvZbVhNzB0Sawdhag4NrBqUBwIfHVubrTD2nrVjKiaEKutvYGBdToVfdOqj2UIB3mKzASZsw-ZVsJcl6SjdNeW_o7Bjnkesa26Vu7o9h7fSIFpiUDWS5FdCI3ZDzdckwGtpdeeoKF-A_GEbEHo7Ptbe2nd038z7NvNiL73IllQp8OztXHsWRDLIEhnaESUxfgrIJZt5mLJm-fM1dj4QBGfre65fbdiFXUsaL2tzH9RNFKEJ5tF-854KbDXPt_3-MKUVLXPuK_rEpBU1_gC43HKbtrscosO1W-dhiIBg-t3auqLfzMCmt2d9NlTzRvNQErgqFscpLrEhiI9CyEUgSTq21IL-WfzU09zKPW8OMmTepLEudt53I2eILrGHy6aF_I3yA3ssugaVY6osb7PInkbkQoxHv_MA4Pp7_PdRTvv3qihKUup1qyHycArnPrI7KD2ick4WDeRhiNXZm5fMIKaHFMUzme3QMmj4HMvR5dpw2NbAafSQeLCz2xdnZXtFHPQ63i07xAWiBt4VwJGTsxXi860_Z5MJ8pDPZkKtDrhWP-0nBKCLbZJBB8S1KtZJ1WuTeM0tfw1eQnCZBQesNkz0rYmHzoaOl3DpMb066YWzUPr9PrdwMdMqsI7b2Wr7V4oZzT9yXp2_M-7e8Cwtpwp-_q7FoYVWTMjyWtaAF_GlnQnNlZbjOyH_F19cw20gI7dEXzAL2yZlQQPbHCUZ4umuzz4YVyplqZm_ACmNoxvGqLlRsfQ2_VgJTyB6o3scmrjxMxMwffL1bFOFy3FasBOBnaY8MiEhWhdAI5GKLOD2hjBhLC8MPc0RUz9MTPeQW7YIed3QV8ZKD9NM1RtuupBP1a2QEIyAM6WdqChrKV9bIUH9uLnqCJUY56YoMNLFF1j1l3kYVcvrNp_lua7iR5u1ttA_HUnfq6CxEiNb8jQJdgqRSzozMP3EwW_90J5cyZ-WFecPaYfnU3hGGVx6n7WEmR1SwsmuencQdnMO52WhzSm_IzLTlCTaBx-o0k9ESt03klXzFSNJl72wGZqA7PlZqzNwMkX9mEbNerp6pwFnEX-z8w9T3e3H1rWHXVvHpcT0nkvSQLvC2uRm0Wk6WGPN0yf7hx-kK2otYfj1vqGUnj0yrAXNQg1f4-O95RL-Fr1n8kF66Teh6nIofAZ7H9Deyy7zqjr6RmqXUK9r67flVgKA0AcWos2xHTNrR5C5nVjCKWQJTr7FiO2gPc4CsaoUeaRaU_GqfU8PTkt_R2JnOqNXCit_VgQrJ8h57ICSZDTYYVpZHce8F79NVHftqjmxrZnH2P-qetasc-pA7lCuqdF-mrmnAtfjzUTQoh85VSmi1Bc4uUsC20ya6s02Xr938-GpKV4A5lHRmIQP7oJY4c0vySjADH1-c2qXbRnxMuxipiXO26ijHobGWDjA5N40g8awltDnsSI-sWXxZk2T-6dDoVzObPP7b2V-RyZfSqBGy6SgKFnknIaY0d3P8Jv_4zUoV2BprIxx1OAyO50h6r3Bgg9wTyIihFQxfyWyfoCbNEVRSUIkATRkSrRnsRNQD7NZO5rWrE0feWXTLvR5-Ap-ERPZkzGDkTsXNAuok7RPYbKQlDSBwAMSio3PwEb-xmh1wrKYTiepSIhIXQSXLBZ8_gSHqbypIJjh7GYMqRj5CoMVafQ8Kj3wQ5dFYC4gQIGDjMcu9E_ZlXseTgmNKAtHH8t9dV7m95-QotiPHDOKy67-uW84v2WXy6rZ4uTM5KgrsGT5vFgA1HJysbR2wHwdVpBxYg8Z4eXINUHcLs1L2pBaGklP_cOUSk&cid=CAQSOwDICaaNHptKOG04QbCmP7fDMckfNPT93H6-96zY4KthZAtqat-WpwOscsaqeJsFUWShwfrTDk01A0D4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=12114528323122123000&adk=2228999115&idt=1317&cac=0&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 07:58:52 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDYzMzQyOTY4MzM0MQogIHNlcnZlcl9pcDogMTM1MzgyOTQwCiAgcHJvY2Vzc19pZDogMzI1NTE2ODQyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 6891 0
848 B 441ms
199ms Image
image/png 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDYzMzQyOTY4MzM0MQogIHNlcnZlcl9pcDogMTM1MzgyOTQwCiAgcHJvY2Vzc19pZDogMzI1NTE2ODQyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogODA2MDAxMDY4MjI1MzE4ODQxNApkZWJ1Z19rZXk6IDkyMTE0ODU5MDA0MDkxNzM0MzYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTIyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM2NjMxMDM0OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzM5OTQ4OTY2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMDEzNDE1MzY0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDg4OTk5Njk1CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmFtZS5pbyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2b213537dd009f270000000000000000","13":"0xd92a365de9ae92f0000000000000000","14":"0x22b96808e5acf9270000000000000000","15":"0x50d05c568b8a05d0000000000000000"},"debug_key":"9211485900409173436","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9212252"]},"priority":"0","source_event_id":"8060010682253188414"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal123.js Show response
cdn.doubleverify.com/ Frame 6891 60 KB
20 KB 67ms
66ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253307&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0jDI5If9YZNGe9k9C0ym_X1&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=488999695&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:26 GMT
Server: UploadServer
ETag: "c78e1b8588fb1329342920c4bf68cac1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19651
Expires: Thu, 21 Nov 2024 06:10:30 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 6891 443 B
578 B 1539ms
1264ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_845346075875&jsTagObjCallback=__tagObject_callback_845346075875&num=6&ctx=1828362&cmp=115739&plc=4253307&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=845346075875&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=1.50&dvpx_strhd=1.50&brid=3&brver=89&bridua=3&dup=null&ppid=103&auevent=ABAjH0jDI5If9YZNGe9k9C0ym_X1&aucrtv=488999695&auorder=1011813649&ausite=881479034793&auxch=1&aulitem=20013415364&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTaudcc6aeghg%606c5_%60%60fdg54f54h2ge55fe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauK96%3F%5C92%3F%5C52%3F%5C%3C2%3A%5C3%40%5C72%3F8%5CB%3A%5CJ%40F%5CI%3A2%3F%5C5%3A2%3F%5CD9%3A%5CA%3A%3F%5C52%40%5C52%3A%5C%3D%3A%5CD9%3A%5C49F%5C5%40%3F8%5CD6%3F%5CH6%3A%5C%3D2%3A%5C56%3F8%5C%60cA%3A%3F%5C52%40%5D9E%3E%3D&dvp_exetime=31.00&aubndl=&audeal=&callbackName=__verify_callback_845346075875
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 528cf383cc358b65e780cc8eae19cf75167e5935ed61dffb7447a3a610204d49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/21/2023 06:10:31

GET
H2

200

acj Show response
genieeintl-d.openx.net/w/1.0/ Frame E08F
Redirect Chain

https://genieeintl-d.openx.net/w/1.0/acj?ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-da...
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-d...

496 B
609 B

239ms
239ms

Script
application/json

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 541767233f67c77595a727d57426b834324dea9907c0a4f51ce8621a03884006

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=92e9ef1f-a7b9-48b7-a954-3876d349d482&o=261381409&callback=OX_261381409&ju=https%3A//www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
date: Wed, 22 Nov 2023 06:10:30 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 7E7E 92 KB
39 KB 583ms
582ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3b1eff64e77bf4378206394ce0eaa5726402de0d0711131317f8a1054f460282

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:20 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B74 38 KB
13 KB 151ms
149ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 79898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:58:52 GMT
expires: Wed, 20 Nov 2024 07:58:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 537E 41 KB
14 KB 75ms
74ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpfuAm8J_nsSTpAbrvomGmm2o2hSdF2tnqhLX9BVazxzvNYrPG6EdHovh8KNn3G4HBHX-9WD3xjl8lOYw1oYga7sIBk-1fzFihT4IO7hLZGY2So__Ao54YYZ29dAdYO9JULb14d0fRru_lYQwxSHyGgFcIO48lKwqPC3eGp7YZs9gibKc&cry=1&dbm_d=AKAmf-DpLHh65LYE8OIEEGVFpkJzgo3h9L6cqmpeKpza-FdSnzT9f8gCoFcR5-LRlcMP5QCc0x1p6KUHtppVtdIEVK6V99Inl4MOZ-y9Y9nTffbpuL6GvXB_HILZLk2a7bIzYa76XQcsUTRDqT-y2fb77bNYO1V6fx_ohYY-yOll9Y4ENXItw9AqP75WWfRYUKWW7IbVTI0btlaTGUAtQFksBz2P4w809iLAMx_gPc7vz9r_DLAGACdOnN17Rf1bS16eQomidMc7FydQ-yagwznRzSjiKj6WdP--ULKo_6PzhIuLrIA_bY5-ASg6E-7Dbpq6wJ2FqmDoJE9omsH06YRw7BiRV7BAyRsSy8c-nB8MTbK0obf-z03uFeRZBwYElfyvdckndoXunxXflDBrV7jU1BJw1dwgg0VLOxxeI7iaxwGIzPq3OYJ71GhCmx8ui22Fafl9nuu3pw-QoqEN2rGjpMaiERNSvz-WPEY1Ms5TsJnt3WqPF1T7Ms4edjEUxYiS-wBHdcugwnTOXBYzi_hXDYxqcVgxL6OVzWXMwUNAyL9_cf6YWSzg0WyTzELTsPRtbUJ3o-xH1Zk0A0q7P7AOaII2JdCopptgUe2syUaGiyy4G07yFOhtL5BLG0doZWq0nHlcVcP0qS3d5QTKjgUd47JaBDB1zqDRNM7DfR84drQvBBnBVVNsp1h_g1Enu56wX9SwFqq6pRiOuADTXuHXicXKInCQ9dD1eVjQf6lNcJpz2fn6A3-qRytyOD2dES_DOBoYyZvAm06zI0VN0TKFoGTE4R3XX6hoj0e7Lg0SnioSlYv75i8UHP_M9LRdHL01TP8C4NtmyTOtgEMb6tJ2luV3W_WtgTTKKwxbTgakYQZAdCjEAjqS5RPw0Dd_POOXcYpJka64vOG1APilV9Z7kShChndsnjV-M6JXWuK9FLzyTu0JanSF98Ghq5eyy9ArGkCK8AinsUbxGSYrokNoMB5U4nA_cMAQs13gbpIYU2_Mzpg1KT1HqmVDG6Ot5aUdl6InT8PI0iBlRxWHAfFL0nd7nBpFE_CVfZoc0_J2zTl3oHKWfRPznSCX_Vlu0s4KIlpPNM8SmPGrE7xIozNMG5EWBjF8x88dsYWDqt_ENdVziZi2mTNw8MVdngLgelS1CJ-ESIpbauU8D-mI2EWVC83ALoTYlz6P-KoHJ0rTICuI27GIjj1sirgL_R6TI0YIGXu05nfsjM8xm11C1Q7-G86CD_UHCaJEmGsdIJE2oSZQtaP2aoymmQvOONANczLgU3F2qAA3RltV-0tM0rXgCNeAqNChz6DZpNuGQCzF6ZyJ7yb9tfhgilrIAnZkL51deRxK6gi_Q-PlGLHHmW5DTTdyRvbpj16RMjOmds5wqHqTHFfrxAqqr5niDybgauJHeFgBEJwSpxZpnh6zKOgCID68dK1-mj8JkPV0fy7gcIzggS3xn1ZXkFQnttTKa8Dx5yy7Ze17-xV_e07BcUE-3bKl_yrNneAOzLxNLvD2NpLhIUS7ssaSnfbCxO5QZCesDqDO1SS91Cx-kIEEWDPOyPhj5YvthLIAyIC8-I-FxkjRgpO8zUJ5logc4gtl7hFZZdq4aH7k37A9PHXBccbsiXjWH4E7PL2rDzuOxgULWUbAUXXoHsITyR87XqeQIocCduYbQVtzoGp9ju7U1AApgrwODRioG1vEEWTkMGeyy2ZJVDwE4N6KJYyhlvCamqGqshbJ8vx3tlwpPpTLvIonrSt-Zp1mBF-5sdJnlWoaWkbz8Tl3vEsINoHxFpP-cB3GhQlAVRRq_lGT06Y-OWq_nh53C_IsKb_Q26xv5qZL3vwxttmJhzaHrn0x_RvlgJgIWAUZlDo0FNjzGVwfBarSZOFc_5kVfmkjHjNdkejhqUjvNHmtsQbURlpl4pqgKjMNI77hZEnmAB3nG0e5lB1a46JeU_62_9GG4wLoEM3pEtES2N06XPf96CEqJzaGZnz11TyG5TlqVUATiP5G_rkoYqfDGjAbMPA3SN_6S_QbLpAuKsPIQMKgNk0TlG3hawdKbm5VnjnltMjaOLKqLbhZsZtPN8myxLrJKUVL-rYnwTctOODwwszFKwDjp6JFOCEBuiXhbMElCfB76PUXoMJ0uP-CJz-QgP9gXpnNyk9IDPyhXT1VsabYL1Ls10vPkfgEuxj_Xvk82S8-RKhoQcNwfOa2HPmu7sEWfONq4S-Sw35pc1q3uf_QTdDM-x4M-4LRTPr8S4oSyKRIgUtM1XvU0d0cdGESj_-MVNMgGhBw493eKQCCjYzZkpGsyEttrYmJXlEhkGaPgc2iP_xN5hEzEh29op6uGI56KjDUkQ-Kf-w7kAKSiTTxI9PGaUMM55LhJyOMBFLE2SpRYl0GTr6IpefKckGx-N6DWvWTdwRAAykfQ2HY3D8rL2tShCXCW_4ppltmCktoqBn5AeEF2RSxx2xFoQPs_4LrcLTLn7dnXrbQaFJ6dSGB7KaVaOb8HkLnCClJ2Yi5TADK44b-Jm5x_ooCFB5MJXPICm2Z8_Ib5N8Ofbq59pIUO3jXrNWaXN5chdg1gArbCnEdlIMbxkQaP1lVwQJq-gCEZ_A0ZmCBIP_IZtBxNf5LVQQio09_B8PwXV40rhntABgPfPvdesm4XpPp9dZ6oHwwh_SYrGyKdOKsCaEhoWcgxTfxiUeM7xE5zjcNkZ6-AkWvBnpL98gUSUCn9TCB2AD6Ub4CO5Wuvdsk3ZRF8nbp-dsDY64Q4019T4I0WED2uwoX5tAbevYTf8fzL7Ux7x-QRkNkB92fpi6JxRECS1EX0y4PlQHSNosF7k4viKoIMfP-okQvuSZbNFTVIeXmK-I5ck8lVOgNntwMw4pawRC4vYJawHXqlMjnoq-qqOQM4mGCiIWN5usjO48GaXnCeD9jxPUVtSXqm8rqoowhIo0Z8u5A-Xfc8oSio0mztEEkd45GRuxchu6uEHtZtOwoPug1irlDDQ7ThaMeFyToE0eTRoMg95bljQnUrZ_40MTB5Z59E9fwNHqtJzUx79TAFMb5mm4HWfmx-gLfppqwPbxFFjplIxSgH2yfEgKhTrQQG6wMNE7jALjrIGWet0aEqZy7MiuvHILAPJMZJja3AtEp8S6XSFkIZTgzFhBXqSMyZaPiUrosWUYQDKDKz7SnLt6DWC5xXhkjGepF8mJeEWBonTb-ih9sJbF_xvqMHzAij7CmV6lrdAH4gOXwoZ37wm11tv6R6iCjUR_PG1XGUfLxBJs3FIb3184SHTEzTQMa8qjpzC64JyouFRwrYOt6gOngyn38YwfM-Tq83n_qGQ9E_1Qre9bZgaWhr4mKQuRs-noA1zrj-uUi6wZ__hgFR6hnMcmO1h5yX9zV-Qa0NEPI-zCNLRJIT0A5vpa_Kzh0rYXKofC14d6-qGbgIuz3Ljy69TPP1D_oYXyFArAhQU2eWxdPSzLgvsOlDUsDdQ8xkyj6gHDnV5LcX7uRl7xHmdMZQzwTVB2rZ49ztQoiNgSl8S-YMEG10xQWzLR7uDhcJvyVHiL0qs2FTevyXc3ObnU4Ms8fLdqqO7rfZSAK6yGzJRqkN-uCdAR1PznBVcQfy2vPQQyHke4Am2lKwXfRpHanZ0pwCZk99cuXB9qouCPJ2IcmfhA75qNbbiA4YI9IeiX550Y5Ic4qq5yDJH2Rr9O2vOn-d-4IP1cPxq7Jp5zlcKKF4ISNhr-ghGISur1TvHcPDR3Bgh5NvTBgCbny86uldy-5ixJn6KnsWrxx553nmrAqy6X8MMUmN1bJMbfYLbv3D0rg7gNWVPHTrAUfC3Yool1dOWT7-LW6C7AAXmnWmIJX6baBSvF_iskXBWmLcMXdUdJ4aC0GQ08f2teCKUiyTpkznq72j_bN7uAbncwheL6Is7dYLw6DgIzl-etVDcTG5Alhewh9q_I9jWXSxMuhG6GKpTMR5GQ1EZQh83iMB8PvPCO6b-51Dfmh3NXjeNI-LJIytbgE6_wGGchy5EjUrXjsFciVBbCGZK0iADlD8ZwzGwb4DkkpwkRoRA-B9wGaL_qa2heAV1gttT_G4HUDkOBBCIDLeop2WX5t5EKqvikauy5HhyGRSrc8hLG0cpUpIcBZ3nqGD4Wl-pGW-bjva3uSrPr6AVQjpVUNBRM&cid=CAQSOwDICaaNHptKOG04QbCmP7fDMckfNPT93H6-96zY4KthZAtqat-WpwOscsaqeJsFUWShwfrTDk01A0D4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8837078115314595000&adk=3047537735&idt=1360&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 07:58:52 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDYzMzQyOTkyNDIzOAogIHNlcnZlcl9pcDogMTM5Nzk0NDE3CiAgcHJvY2Vzc19pZDogMjA0NzM2NDAwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 537E 0
489 B 184ms
183ms Image
image/png 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDYzMzQyOTkyNDIzOAogIHNlcnZlcl9pcDogMTM5Nzk0NDE3CiAgcHJvY2Vzc19pZDogMjA0NzM2NDAwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTU4OTI1MjUxODQzMzM5OTYwMDgKZGVidWdfa2V5OiA4NzYyNzgwMDU1ODM5MDE4MDcxCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNjYzMTQ4NTgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDAxMzQxNTM2NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ4OTAyNjgyNQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJhbWUuaW8iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2b213537dd009f270000000000000000","13":"0xd92a365de9ae92f0000000000000000","14":"0x22b96808e5acf9270000000000000000","15":"0x5efab92c4a9a68430000000000000000"},"debug_key":"8762780055839018071","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9212252"]},"priority":"0","source_event_id":"15892525184333996008"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal123.js Show response
cdn.doubleverify.com/ Frame 537E 60 KB
20 KB 93ms
93ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253309&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iieL9svTVYkdiBA9yX8xDi&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:26 GMT
Server: UploadServer
ETag: "c78e1b8588fb1329342920c4bf68cac1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19651
Expires: Thu, 21 Nov 2024 06:10:30 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 980ms
338ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 208892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 82ms
82ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 242897
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 128ms
128ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3f5429b07432aa179bee2465431bd390d0a83b3d680f98f3138e2626d33c31fd

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 22 Dec 2023 06:10:30 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9FE3 3 KB
2 KB 122ms
122ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1700633426946

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

df61994f6ce388fba5d4f07981d2f9558827b12fae68d5a4e5417033a9a44064

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1232
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 524D 52 KB
17 KB 621ms
297ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 77566
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 22 Nov 2023 06:10:30 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 453, 463663
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230050-FRA
X-Timer: S1700633431.935471,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6CDA 24 KB
8 KB 624ms
303ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

6dfc706a10913e0ed6ca3a49f053c1878a47b508ca22e7a9f97f7c4e3dc83e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8528
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:30 GMT
expires: Fri, 24 Nov 2023 06:10:30 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D4E0 281 B
555 B 118ms
118ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 06:10:30 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7729 3 KB
2 KB 787ms
469ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 746
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 829f027f5b5f24c0-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:30 GMT
expires: Wed, 22 Nov 2023 10:10:30 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9634 37 B
140 B 613ms
297ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 22 Nov 2023 06:10:30 GMT

GET
H2 200 pd Show response
adpushup-d.openx.net/w/1.0/ Frame 3A9F 653 B
725 B 293ms
285ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6851ce884bcb52a471750ab72462fc14ce34f70e7e0d0b6c7e9d7aaaed72c9df

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 413
content-type: text/html
date: Wed, 22 Nov 2023 06:10:30 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 6ADA 9 KB
4 KB 789ms
318ms Document
text/html 13.32.27.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 77005
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 08:47:07 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-id: nP2frHzEUc_gXMIWYdrilAk5GtgeKv3aw4L_iKGns7p9go5xsVLP_g==
x-amz-cf-pop: FRA56-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 204 isyn
prebid.a-mo.net/ Frame 5115 0
0 109ms
109ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Wed, 22 Nov 2023 06:10:29 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame BC50 6 KB
2 KB 106ms
96ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f027d8af60e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9544 38 KB
13 KB 861ms
860ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 79898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:58:52 GMT
expires: Wed, 20 Nov 2024 07:58:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 537E 442 B
577 B 2166ms
1892ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_147483218880&jsTagObjCallback=__tagObject_callback_147483218880&num=6&ctx=1828362&cmp=115739&plc=4253309&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=147483218880&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=89&bridua=3&dup=null&ppid=103&auevent=ABAjH0iieL9svTVYkdiBA9yX8xDi&aucrtv=489026825&auorder=1011813649&ausite=881479034793&auxch=1&aulitem=20013415364&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=18&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTaudcc6aeghg%606c5_%60%60fdg54f54h2ge55fe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauK96%3F%5C92%3F%5C52%3F%5C%3C2%3A%5C3%40%5C72%3F8%5CB%3A%5CJ%40F%5CI%3A2%3F%5C5%3A2%3F%5CD9%3A%5CA%3A%3F%5C52%40%5C52%3A%5C%3D%3A%5CD9%3A%5C49F%5C5%40%3F8%5CD6%3F%5CH6%3A%5C%3D2%3A%5C56%3F8%5C%60cA%3A%3F%5C52%40%5D9E%3E%3D&dvp_exetime=6.70&aubndl=&audeal=&callbackName=__verify_callback_147483218880
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: aca03b27e434a9b249a1be763b2d37631303e24197c9ccb7a2f704560142ab9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:32 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/21/2023 06:10:32

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 130ms
130ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71697136286c3f03ceac10ba6e0bd665ca2fb1acacfa2124b8f435cb9947a6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 06:10:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 128ms
127ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80a67a62e29e33c17bf469545109d353e32ebcc43efb2fa2651f240125f448f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 06:10:30 GMT

GET
BLOB 206
Partial Content c1f0e949-174f-49da-97a7-d876c0aea4f9
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/c1f0e949-174f-49da-97a7-d876c0aea4f9
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 77c99230-6d2d-4ee1-9fa9-9f5e8f804152
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/77c99230-6d2d-4ee1-9fa9-9f5e8f804152
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 88ms
88ms Image
image/svg+xml 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:34
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: 1ae6fdf3d1436c124aeaf2b50690bb5d
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 1 KB
1 KB 514ms
147ms Image
image/svg+xml 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash: 98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.unibotscdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
content-encoding: gzip
cdn-edgestorageid: 1047
cdn-storageserver: DE-676
cdn-cachedat: 10/31/2023 18:58:25
cdn-pullzone: 483488
last-modified: Thu, 01 Dec 2022 03:57:52 GMT
server: BunnyCDN-DE1-874
cdn-fileserver: 135
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 056d58abb7bb9685dea78fe3e5385846
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 99AE 752 KB
241 KB 149ms
148ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 330164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 10:27:46 GMT
expires: Sun, 17 Nov 2024 10:27:46 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 331ms
330ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 06:10:30 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 603C 40 KB
14 KB 151ms
151ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 05:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 22 Nov 2023 06:58:54 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 171 B
835 B 977ms
185ms XHR
application/vnd.apple.mpegurl 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: NY-267
cdn-cachedat: 04/11/2023 16:02:55
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:44:02 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 354
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 4fae23c13a5248d6cf0c682a3640928f
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D4E0 46 KB
13 KB 602ms
600ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:36:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62732
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 22 Nov 2023 23:36:02 GMT

GET
BLOB 200
OK f3f69583-63d9-4918-8461-69a115009b26
https://www.bg3.co/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/f3f69583-63d9-4918-8461-69a115009b26
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK f748cefb-d9f6-4106-9d47-8899b6c01e4f
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/f748cefb-d9f6-4106-9d47-8899b6c01e4f
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK 0cd175d4-430f-4a5b-877a-3f03668c8ce4
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/0cd175d4-430f-4a5b-877a-3f03668c8ce4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 9FE3 43 B
442 B 126ms
123ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x11 config_version:"941" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:30 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x11 config_version:"941"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 22 Nov 2023 06:10:29 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9FE3
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=1

0
340 B

303ms
301ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700633430842071-391

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9FE3 42 B
691 B 124ms
122ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3E6ROQA7Hnj-tGwGVY5YI9t666dDNYfw2Sfl3Bysxyo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 9FE3 0
0 125ms
122ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9FE3
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo

43 B
479 B

136ms
133ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 79490V4HVZDVYJV38B5J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 9FE3 0
39 B 125ms
122ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9FE3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

0
340 B

115ms
93ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9FE3 70 B
148 B 123ms
121ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700633426946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:30 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame BC50 48 KB
12 KB 114ms
95ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1819581
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 829f02808ce60e62-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3A9F
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=VvgAIFmvAHBN_wR1AvsYd1T-B3dN9AMnBP6LybsX

43 B
106 B

280ms
217ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=VvgAIFmvAHBN_wR1AvsYd1T-B3dN9AMnBP6LybsX
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=VvgAIFmvAHBN_wR1AvsYd1T-B3dN9AMnBP6LybsX
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3A9F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=702967506440777401

43 B
122 B

178ms
119ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=702967506440777401
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=702967506440777401
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 3A9F 43 B
855 B 256ms
256ms Image
image/gif 52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=593694d5-51dd-874f-9d00-9d9a41bdf4ac

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3A982XBPETZ449MK1AZA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 3A9F 70 B
148 B 78ms
77ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=01e0e8a8-4d77-3cb5-5d0e-1f0d298e3f4c&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3A9F 170 B
188 B 1447ms
1446ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4ZjNiNjItODQwMC02MjExLTQ4ZWUtNDViNGUzNmNmMTJj

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3A9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ5DzVKL3JCduCMwV2EbcxM&google_cver=1

43 B
61 B

182ms
180ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ5DzVKL3JCduCMwV2EbcxM&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ5DzVKL3JCduCMwV2EbcxM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 1DD8 0
320 B 125ms
125ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f02816d770e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

1548668815510508082 Show response
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 7CE0
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
https://csync.smilewanted.com/set_partner_userid_get/smart/1548668815510508082

0
658 B

189ms
188ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smart/1548668815510508082
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f02846fd80e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Wed, 22 Nov 2023 06:10:31 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/smart/1548668815510508082

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 160ms
160ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3b81v9134755342&_p=1700633423831&gcd=11l1l1l1l1&dma=0&cid=1270102663.1700633424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700633431&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html&dt=%E9%9C%87%E6%92%BC%E5%BD%88%EF%BC%81%E5%87%B1%E6%93%98%E6%94%BE%E6%A3%84%E6%9C%89%E7%B7%9A%E9%9B%BB%E8%A6%96%E9%A0%BB%E9%81%93%E4%BB%A3%E7%90%86%E3%80%80%E9%87%8B%E5%87%BA%E6%9D%B1%E6%A3%AE%E7%B7%AF%E4%BE%86%E7%AD%8914%E9%A0%BB%E9%81%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=10350
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

3297053945854328167 Show response
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame E42E
Redirect Chain

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3297053945854328167

0
381 B

101ms
97ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3297053945854328167
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f02823e080e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 317c565f-5431-4d33-a574-8ac513d9b3f5
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3297053945854328167
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 204 ping
onetag-sys.com/v2/ Frame 012C 0
77 B 154ms
153ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ Frame 012C 0
77 B 153ms
153ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2

200

LP9D8EUI-1L-I09C Show response
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 5941
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP9D8EUI-1L-I09C?gdpr=0

0
373 B

174ms
172ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP9D8EUI-1L-I09C?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f02823e090e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP9D8EUI-1L-I09C?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
content-length: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B74 39 KB
15 KB 29ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6935 2 KB
1001 B 91ms
84ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2ab8706e72416ef5a1131438c1efe92fe6bd8830442e0fdace9065d6429692

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829f0282cb9b01e3-ZRH
content-encoding: br
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2egASCHkLGISHo6tGYUT9DrjFcR1oYGVrKx9GoO%2F8nRnBf%2BD7VOm%2BUfWCz7dE8u2xQEpRXW2tA6eDriqLVL5SBKrCKAMJ5MZdrRx8WW92bHlmLc8Yw04X9DLB8Xkg0cOIVNmDzZNrzgWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0C7E 16 KB
6 KB 368ms
185ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132390
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: Thu, 23 Nov 2023 18:57:01 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

5f8bc02d-698c-4fcd-b085-5e834e2bf308&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 506F
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/5f8bc02d-698c-4fcd-b085-5e834e2bf308&partner_id=1010

0
558 B

70ms
69ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/5f8bc02d-698c-4fcd-b085-5e834e2bf308&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f028829ec0e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 22 Nov 2023 06:10:32 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/5f8bc02d-698c-4fcd-b085-5e834e2bf308&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 55C4 3 KB
1 KB 613ms
244ms Document
text/html 34.243.178.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.178.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-178-203.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d0ac70e76477c4bd3ef42cb681292bf9708c6327a293fc48ed36f7d19e2db1a4

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
etag: W/"06fb53bddc44215c9d9a943b936c2c02f"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 37A6 3 KB
1 KB 64ms
63ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c64ff8e2d3e0d64e5c6b8e60688c3653fc4d87431852340fa927617f317b6d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1137
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame E5E7 748 B
850 B 347ms
88ms Document
text/html 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: a3647da88e79ef9de768bbd877d59489fc5ced15e3ca0b139c6f6244ef1c256e

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 748
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 0585 2 KB
987 B 133ms
132ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cd2149ed847c43cca1c9ccb5ecdba0571fb70c78a4625ac525222078031a0a

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829f0282fbd001e3-ZRH
content-encoding: br
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X4f0%2F9L5fhHhgjD27Pn9xtK1q7VuLRAXlgXrK%2FLJB0XR5jUI%2FU3IlGa%2FxfDl5lkLZWqJb8aDAgHqrG0IfEJBPQF5O6vXUMHGGBMf0ZSvGr2TYMhKYZKowdh4LiUMMIoAh4GxCxjtRKKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0EC6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

78ms
77ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 06:10:31 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Nov 2023 06:10:31 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EC2E 16 KB
6 KB 434ms
281ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132390
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
expires: Thu, 23 Nov 2023 18:57:01 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 05D7 1 KB
1 KB 847ms
197ms Document
text/html 18.66.112.67

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: efbb190c5834b79ddaf1d917137a3b7644ed4f406c44e1b653f6c9af6e791ce0

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-encoding: gzip
content-type: text/html
date: Wed, 22 Nov 2023 06:10:32 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-id: oGsfI9G4rhUIk7cKFmwE-1f8pp3p_KbF2gVXownPjAkgb3-2YJ5zag==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 3

GET user-sync
sync.adkernel.com/ Frame 89B8 0
0

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 6FCA 557 B
1011 B 608ms
247ms Document
text/html 174.129.18.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 174.129.18.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-18-228.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 87d53a6a97e1d3743f7da666003b217378a519ac1839c8ed5761f5bbc0dd0f10

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
server: istio-envoy
x-envoy-upstream-service-time: 6

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=3297053945854328167

0
344 B

71ms
70ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=3297053945854328167
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
an-x-request-uuid: 76ab355b-27ad-4576-84b5-5dc6fb95f5eb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=3297053945854328167
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HsoSrRZHFXBbf0tSRW-6s_OX

0
350 B

363ms
360ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HsoSrRZHFXBbf0tSRW-6s_OX
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HsoSrRZHFXBbf0tSRW-6s_OX
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 6ADA 0
277 B 521ms
159ms Image
text/plain 216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 06:10:31 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame 6ADA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700633431776
https://ad.turn.com/r/cs?pid=45&rndcb=8087599572

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5133329528937123030

0
344 B

116ms
94ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5133329528937123030
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5133329528937123030
Date: Wed, 22 Nov 2023 06:10:31 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=4bb1a811-f7c3-4156-b1fa-e757932e4c7e

0
356 B

69ms
68ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=4bb1a811-f7c3-4156-b1fa-e757932e4c7e
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-130
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.servenobid.com/sync?pid=332&uid=4bb1a811-f7c3-4156-b1fa-e757932e4c7e
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

70ms
70ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Wed, 22 Nov 2023 06:10:30 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

0
367 B

140ms
136ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

match
ssp.disqus.com/ Frame 6ADA
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
https://ssp.disqus.com/match?bidder=14&buyeruid=3297053945854328167&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01O...
https://ssp.disqus.com/match?bidder=29&buyeruid=QbE74iHUbmzp&r=Cid1YS0yODM4MmJlOC00NzNkLTMyOTktYTc0MS01OGRiNWM5MmJmOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A

0
367 B

67ms
64ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-PBNo7fxE2uGkRWqRvXHdmU1yA.UfEm.t_6HY40w-~A
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6ADA 0
35 B 684ms
324ms Image
text/plain 18.196.51.148

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.51.148 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6ADA
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

228ms
226ms

Image
image/avif

54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 22 Nov 2023 06:10:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 22 Nov 2023 06:10:31 GMT

GET
H2 200 rtct_adp_lib.20200515.min.js Show response
js.genieessp.com/j/ Frame E08F 16 KB
6 KB 418ms
416ms Script
application/javascript 133.186.12.16
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1551001
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p016.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 02:05:33 GMT
server: nginx
etag: W/"6556ca6d-411a"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Nov 2024 06:10:31 GMT

GET
H2 200 cic
ialaddin.genieesspv.jp/yie/ld/ Frame E08F 43 B
239 B 326ms
324ms Image
image/gif 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ialaddin.genieesspv.jp/yie/ld/cic?cik=1dKsqIPjnJhpzbj4vKvT5rjLD2XV-KDkdz31lcrpO5AdzD4TgynzzGqUCRlVXC0Da2Mr9KInPyH_VO0bKhfgVqsqnEA&noas=11030163
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

a4aa2a3e-7d12-022b-1b7b-d8e15732973e Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 05BA
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/a4aa2a3e-7d12-022b-1b7b-d8e15732973e

0
434 B

59ms
56ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/a4aa2a3e-7d12-022b-1b7b-d8e15732973e
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f0283ef530e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:31 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Wed, 22 Nov 2023 06:10:31 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/a4aa2a3e-7d12-022b-1b7b-d8e15732973e
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 524D 0
595 B 90ms
89ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
an-x-request-uuid: d8860f74-dba6-4b77-987d-fd649dfd3a01
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 6277 0
0 472ms
161ms Document
text/plain 216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 06:10:31 GMT
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6935 70 B
148 B 75ms
74ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 6935 43 B
855 B 152ms
151ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AFAB7T3SX4G90BY37ZMJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 6935
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFhgZ7_RJTi3Hiw4GPpFuhA&google_cver=1

43 B
737 B

113ms
113ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFhgZ7_RJTi3Hiw4GPpFuhA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKztkJCs%2FRFV5JxIHnZpP0h5zMXMuheL73phgo%2B9jWHrBF1CIFW7MgwskHGnA2LHcfnhbvfN2IiLzcWR%2FX57q%2B%2B4dIX22%2BGneYN1nRFYkdTTil4fFBXK8eeVLculpLa%2FepjQgig3R4r9RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f028b99db01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFhgZ7_RJTi3Hiw4GPpFuhA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
live.rezync.com/ Frame 6935
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a6f3623384e84b298af1f53358258fc2
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a6f36233-84e8-4b29-8af1-f53358258fc2

0
0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 6935
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180

42 B
716 B

67ms
66ms

Image
image/gif

54.73.183.248

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

54.73.183.248 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-08dbc1c84.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: M+zYkC0FSzE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0df1f10d6.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: OJGvMx5RQYg=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6935
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=qv9Fm2I0WVN6b--jWnIs9FNMgQ8

43 B
734 B

122ms
120ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=qv9Fm2I0WVN6b--jWnIs9FNMgQ8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjS%2FEz79nCR6aXhpx9n5rSByo%2BzamZsOi3Z%2BwFHYR5lgLuRj1quwb4sPNy8oUR5xpjmNCDEJhyoZuP6TbEidbksLKXniOSRHVH9dtYjWVTVrs5qmiRhg5XyQIrb9XeB%2B8oDS9eVP7crrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f0288eceb01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=qv9Fm2I0WVN6b--jWnIs9FNMgQ8
Date: Wed, 22 Nov 2023 06:10:32 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6935
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
732 B

107ms
103ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvfaFIfQaeFmj7mJnt2Fk3L3f4ZsTlbgHzQsMLp%2BTWS5tNciRWfOUhmk0L64q8MNn2V0BPQLpo%2FlH0CqNhdXACQZCcofPTOFllB%2FxTAQISLmR9Qj0Ab9Nl7BNVj7dLvlnGXQ9karkX7KmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f0287099f01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Wed, 22 Nov 2023 06:10:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET

qmap
sync.crwdcntrl.net/ Frame 6935
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...

0
0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6935 43 B
252 B 76ms
67ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZV2bVdbVAYr6aDF5yOGvpAAA%261180
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 12295
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 829f02836d3924c0-ZRH
content-length: 43
expires: Thu, 23 Nov 2023 06:10:31 GMT

GET

/
onetag-sys.com/match/ Frame 37A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEH4taUr5etHJJ00tcXpLy-M&google_cver=1

0
0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 37A6 43 B
441 B 65ms
63ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x4 config_version:"941" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:31 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x4 config_version:"941"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 22 Nov 2023 06:10:30 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 37A6 42 B
691 B 63ms
62ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 37A6 0
0 65ms
63ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET

pixel
cm.g.doubleclick.net/ Frame 37A6
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 37A6 70 B
148 B 139ms
138ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
ads.servenobid.com/ Frame 37A6 0
365 B 251ms
250ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=Vj2fDm6piTTM78JPTBZS3IGcRYNh-Efn5l6kp4aY-lo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

702967506440777401 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3280
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/702967506440777401

0
500 B

98ms
93ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/702967506440777401
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f028709510e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Wed, 22 Nov 2023 06:10:31 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/702967506440777401
server: nginx

GET

sync
live.rezync.com/ Frame 0585
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV2bVdbVAYr6aDF5yOGvpAAA%261180&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=32faf07e57204138ad918c4d0fbf1d3e
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a6f36233-84e8-4b29-8af1-f53358258fc2

0
0

GET
H2 200 ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0585 43 B
601 B 83ms
83ms Image
image/gif 99.81.53.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.53.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0585
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3297053945854328167

43 B
734 B

217ms
217ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3297053945854328167
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LEPhp2DR5LmZeSfEH72c5pwVPG3qENZzqvET3%2BlSn%2BFhrzk6j2bjWkFOaOXV48lHIXymvHAnuSdxar9ZCZBXJHN9lG3gD3ss7fXOyU%2BuO6WUrT758cjduz8MuUVyRs7RjmeDg85FsnKPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f02844d4801eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
an-x-request-uuid: 89bdfee1-8547-4d2d-b12f-ec87b59a3448
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3297053945854328167
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 0585
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=33895d19fb22ca4c37e18eaf6a685fc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1972_7304728642613807053&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzM4OTVkMTlmYjIyY2E0YzM3ZTE4ZWFmNmE2ODVmYw==&gdpr=0&gdpr_consent=

0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0585
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1548668815510508082&gdpr=0&gdpr_consent=

43 B
735 B

165ms
164ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1548668815510508082&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3P8rqHdvNBc5eluZcWmClwCE%2FW5aKgFE2yb%2FL7grL5su%2FVyLRDfydaaY9S30iKYI82ZOZCR3mR%2B4AtRZieBO%2FCbOxpglkohmHftIhs69zApHO3wP856NKlUv1q325n%2BzkWCCz4Wn3Qn0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f0285bfb401eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1548668815510508082&gdpr=0&gdpr_consent=
date: Wed, 22 Nov 2023 06:10:31 GMT
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0585
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
740 B

206ms
204ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05FIYUvfuN4yRe56s0mRP%2FXK4%2FWtFdT%2FT%2BzHZ9EhbGxrXOwWhifeAD%2BvWMUdscBHk3HZutMCoRmZwou9uwg4Wc%2BWP9KzDIO2U9o8wzc6%2B7R9HMIYQ7xuzAZuufoZ%2FnxVI0TuUEIFmSW34g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829f0288ecec01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0585
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB

43 B
601 B

111ms
111ms

Image
image/gif

99.81.53.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Server

99.81.53.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0585 43 B
855 B 191ms
185ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2XPPC6BZMXZC7S70E42T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 0585 0
357 B 281ms
270ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZV2bVdbVAYr6aDF5yOGvpAAABJwAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9544 39 KB
15 KB 281ms
275ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0EC6 46 KB
13 KB 185ms
179ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:36:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62731
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 22 Nov 2023 23:36:02 GMT

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 9928
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

114ms
113ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f0288fa5b0e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Nov 2023 06:10:32 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2

200

gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 4B32
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k?pi=smilewanted&tc=1

0
562 B

127ms
125ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f0287496e0e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 22 Nov 2023 06:10:32 GMT Wed, 22 Nov 2023 06:10:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k?pi=smilewanted&tc=1
pragma: no-cache

POST
H2 200 /
track.adform.net/csimpr/ Frame 7E7E 35 B
589 B 76ms
76ms Ping
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=68934215&csi=2_UGSF8OVHJ5XtrccL0RYCAg1F1TUp5marGKqewWTIkJDwKV3Zer3PWmS-6wKMJkM2CJAQi9HYY7xAljhLp5QOZlFPnZ9_kIoe7qFtVQ3DkDvP-67D9Y4w2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 4 KB
1 KB 52ms
52ms XHR
application/vnd.apple.mpegurl 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
content-encoding: gzip
cdn-edgestorageid: 864
cdn-storageserver: DE-588
cdn-cachedat: 10/31/2023 19:01:47
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 301
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 64515cec0a33998593651e5ee0e4ac27
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sync
ads.servenobid.com/ Frame E5E7 0
344 B 219ms
218ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=1548668815510508082&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET

pixel
cm.g.doubleclick.net/ Frame E5E7
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTU0ODY2ODgxNTUxMDUwODA4Mg==&gdpr=0&gdpr_consent=

0
0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame E5E7 0
34 B 345ms
344ms Image
text/plain 18.196.51.148

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.51.148 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame E5E7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3297053945854328167&gdpr=0&gdpr_consent=

43 B
408 B

324ms
110ms

Image
image/gif

185.86.138.153

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3297053945854328167&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
an-x-request-uuid: f85d853f-f00c-44e5-88f8-b3da66f4a06a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3297053945854328167&gdpr=0&gdpr_consent=
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame E5E7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304164972929022106&gdpr=0&gdpr_consent=

43 B
428 B

180ms
158ms

Image
image/gif

185.86.138.153

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304164972929022106&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 06:10:31 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304164972929022106&gdpr=0&gdpr_consent=
Date: Wed, 22 Nov 2023 06:10:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 13311272.js Show response
s1.adform.net/Banners/Elements/Files/2135726/13311272/ Frame 7206 3 KB
2 KB 41ms
40ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2135726/13311272/13311272.js?ADFassetID=13311272&bv=257
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 44ade2ec01f729473700678dcbe209b33f16266837991014e6f622c590876170

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:31 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 13:34:40 GMT
server: nginx
x-amz-request-id: tx00000196a4fa3bf7c4d20-00653198db-32959ea8-default
etag: W/"d6c6e0ff915406890c477664009096be"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 0EC6 7 B
778 B 101ms
101ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LP9D8EUI-1L-I09C
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/115739;4253307;201;jsappend;DV360;DV360FY20EDUBEHCustomAffinityCHDSKBAN300x250/ Frame 6891 2 KB
1 KB 339ms
109ms Script
text/javascript 23.215.22.232

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/115739;4253307;201;jsappend;DV360;DV360FY20EDUBEHCustomAffinityCHDSKBAN300x250/?ftOBA=1&ft_domain=www.bg3.co&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.bg3.co%2F&us_privacy=${US_PRIVACY}&cachebuster=599878.8128804374&ft_dv=%5B%25ft_dv%25%5D

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 -, , ASN (),

Reverse DNS

Software

prod-xre-app8.frk11 /

Resource Hash

19fc178c0204ec42843f1d5351acbcab22cec8d512183cd9a152dd956a7d1cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app8.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 779
Expires: Wed, 22 Nov 2023 06:10:32 GMT

GET
H/1.1 200
OK dv-measurements4951.js Show response
cdn.doubleverify.com/ Frame 907C 424 KB
100 KB 246ms
245ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4951.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 10:52:29 GMT
Server: UploadServer
ETag: "b47e628f652d93d0e7ba169948af091c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102052
Expires: Thu, 21 Nov 2024 06:10:31 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FB7D 1 KB
758 B 201ms
167ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com
URL: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://544e268981e4d011758dc7dc9a86dd76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 30819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 7206
Redirect Chain

https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

30 KB
14 KB

218ms
216ms

Script
application/javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhen-han-dan-kai-bo-fang-qi-you-xian-dian-shi-pin-dao-dai-li-shi-chu-dong-sen-wei-lai-deng-14pin-dao.html
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx000003200605ea56ced66-00655c671a-32959ea8-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date: Wed, 22 Nov 2023 06:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 22 KB
0 198ms
197ms XHR
video/mp2t 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-164
cdn-cachedat: 10/31/2023 19:00:16
cdn-pullzone: 829957
content-length: 345356
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: bf3c84c1f8d51cf9086902862069fdf7
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0C7E 2 KB
3 KB 415ms
125ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17710776&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70985fb88c30c930516c0f2819c71b149fd1ce575511b62d3b09448315eb72b2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0EC6 0
0

GET
DATA 200
OK truncated
/ Frame 6891 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f96fb285fc5e5f7d282f330d6b577295220fef1c8128659884b139173016d7f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=3297053945854328167

35 B
250 B

591ms
110ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=3297053945854328167
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
an-x-request-uuid: c6917b74-ec6b-4f95-ab21-8c2ffc9f0730
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=3297053945854328167
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
u.ipw.metadsp.co.uk/ Frame 55C4
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_21207567-4782-4248-8e72-5f56999f4713&gdpr=0&gdpr_consent=&us_privacy=1---
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=52e45776-82af-4e0a-a4d7-08d4ce5d9370&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=f6dd4cd8-6562-04e3-3a75-0fe0e1de3e0a

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-aaff459b-6234-5953-7a6f-efa35a722cf4$ip$83.76.129.15

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-0AyVmxxE2pdU3Ly2_Bb7LctniIjeSAX_UBjk~A

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=5488124a-7e58-4c4b-8e68-4599c4a8104e

0
0

GET 142
match.deepintent.com/usersync/ Frame 55C4 0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_21207567-4782-4248-8e72-5f56999f4713&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_21207567-4782-4248-8e72-5f56999f4713&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=-PjNz-Iae-kg_QTE_TLp&gdpr=0&us_privacy=1---

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=n8pVY6nS5ywY&ev=1&pid=558355

0
0

GET

usersync
usersync.gumgum.com/ Frame 55C4
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=1548668815510508082

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 55C4 0
358 B 160ms
147ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_21207567-4782-4248-8e72-5f56999f4713
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 6FCA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0

0
330 B

472ms
134ms

Image
application/javascript

108.129.5.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 108.129.5.53 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 06:10:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=33895d19fb22ca4c37e18eaf6a685fc&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700633432202048-398

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame 6FCA
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E365C00B-06D8-450C-97A7-D763579C8EFA

0
329 B

108ms
107ms

Image
application/javascript

174.129.18.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E365C00B-06D8-450C-97A7-D763579C8EFA
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 174.129.18.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-18-228.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E365C00B-06D8-450C-97A7-D763579C8EFA
date: Wed, 22 Nov 2023 06:10:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6FCA 0
34 B 90ms
85ms Image
text/plain 18.196.51.148

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.51.148 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 6FCA 0
341 B 151ms
146ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=NwQX8Lz-kp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 53FE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=702967506440777401&gdpr=0&gdpr_consent=

35 B
208 B

80ms
61ms

Document
image/gif

34.243.178.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=702967506440777401&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.178.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-178-203.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 22 Nov 2023 06:10:32 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=702967506440777401&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET pixel
cm.g.doubleclick.net/ Frame 67FA 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 22DD 16 KB
6 KB 91ms
84ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=132389
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 22 Nov 2023 06:10:32 GMT
expires: Thu, 23 Nov 2023 18:57:01 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 8BA7 70 B
148 B 153ms
147ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Wed, 22 Nov 2023 06:10:32 GMT
server: Kestrel

GET idsync
tg.socdm.com/aux/ Frame 376E 0
0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 431B
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k&pi=gumgum

35 B
250 B

358ms
136ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 22 Nov 2023 06:10:32 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 22 Nov 2023 06:10:32 GMT Wed, 22 Nov 2023 06:10:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=gr_TE0TwOLBUBr4udl1BL22775oeDFmNcFynhEfE38k&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 84C5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

100ms
99ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 06:10:32 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Nov 2023 06:10:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=98b90aac-32e5-03e1-2596-06fa698db5a9

0
485 B

154ms
152ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=98b90aac-32e5-03e1-2596-06fa698db5a9
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: RUDn3F5iGL4E57Dh8lvstyKBMyCedDzHtsdgWBctm90k2vz0J6fv4Q==

Redirect headers

date: Wed, 22 Nov 2023 06:10:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=98b90aac-32e5-03e1-2596-06fa698db5a9
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

0
532 B

182ms
181ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
x-reason: missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: iLTymeb8Ef_eY1X4k6hLHPoXMTxiMahTayIIUQKM3K2racYpu1sefg==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date: Wed, 22 Nov 2023 06:10:31 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=E365C00B-06D8-450C-97A7-D763579C8EFA

0
486 B

272ms
271ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=E365C00B-06D8-450C-97A7-D763579C8EFA
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: xeH0EwqXm6F4TaKQLibNYPc7gLMM4Hn0ftd-8ngAUd2sByn-XaOJyg==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=E365C00B-06D8-450C-97A7-D763579C8EFA
date: Wed, 22 Nov 2023 06:10:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 117
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2553157775425419362823

0
486 B

160ms
160ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2553157775425419362823
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: _06iOSm4VjZFp9R9-q-h-HYaBYuaDfDfOQqz5uNACrSQQAhzppy7IQ==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2553157775425419362823
date: Wed, 22 Nov 2023 06:10:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 05D7 0
277 B 67ms
64ms Image
text/plain 216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 06:10:32 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV2bVdbVAYr6aDF5yOGvpAAA%261180

0
488 B

180ms
178ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV2bVdbVAYr6aDF5yOGvpAAA%261180
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: ZWDya6ELaSsgGOGxdyNKUSHwcyBeVqkAYXsVIwkJ6L-BLWGkXRDORQ==

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MEzeVtVYwnBiGm3040epuWlKd1fvPrNT09Heq0ddUTPzY0JS3Yuk9WpXky%2FIy%2FvxanFlW1axnzf54AXp5pl8%2FJv5Z8XXTILzOuvNCLwscKkB0UaYR86VcCB81e%2BhJx7hSSABMb%2Bu0vpzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZV2bVdbVAYr6aDF5yOGvpAAA%261180
cache-control: no-cache
cf-ray: 829f0288ece701eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 05D7
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=ddb45ef80f7270610255a4c21dee08d5

0
487 B

161ms
160ms

Image
application/javascript

18.66.112.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=ddb45ef80f7270610255a4c21dee08d5
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.67 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: 2HDK79Fh56HeIWGN9DYPqnDQNFRBekpxlHmapdZ17tRXIQJQvhNKxA==

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=ddb45ef80f7270610255a4c21dee08d5
x-kong-upstream-latency: 2
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 05D7 0
341 B 121ms
117ms Image
image/avif 54.72.113.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=GYRX5L--k_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET j-4253307-4526958.js
cdn.flashtalking.com/xre/425/4253307/4526958/js/ Frame 6891 0
0

GET current
dclk-match.dotomi.com/match/bounce/ Frame FB7D 0
0

GET

pixel
cm.g.doubleclick.net/ Frame FB7D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHYtfxCwP1UzhAsCQgT32w&google_cver=1&google_push=AXcoOmRz1PTkh7y1KhY81Zmj2M8dybeB_dF6wUax4ySRm_Acfi66Dlf1No1hz6nEw656Dp3_4SsW2nbaD8ZRKPk0D-PQSa9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRz1PTkh7y1KhY81Zmj2M8dybeB_dF6wUax4ySRm_Acfi66Dlf1No1hz6nEw656Dp3_4SsW2nbaD8ZRKPk0D-PQSa99KSni9w&google_hm=eS1kRVRrVS54RTJwR1hP...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame FB7D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOLdS1DDZk-Pru-cRScLyMg&google_cver=1&google_push=AXcoOmSnN6CK5syJC60296CtTFwvUNoBJ7JK_TM8kPurFEiXvOtidgGNduGWYCQ90aoc5DPYpy9qRE3YqKvlyzGLpQuj7rsviwooOw
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSnN6CK5syJC60296CtTFwvUNoBJ7JK_TM8kPurFEiXvOtidgGNduGWYCQ90aoc5DPYpy9qRE3YqKvlyzGLpQuj7rsviwooOw&google_hm=3rZilOTxhZu7elO6-pcF9g==

0
0

GET

pixel
cm.g.doubleclick.net/ Frame FB7D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=42XACwbYRQyXp9djV5yO-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET sync
t.adx.opera.com/pub/ Frame FB7D 0
0

GET

pixel
cm.g.doubleclick.net/ Frame FB7D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIQhSauT1JWjD9Y7d4-EPT8&google_cver=1&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-t...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIQhSauT1JWjD9Y7d4-EPT8&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-t...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRyNB5DqXEK9i4AVDC1g2Qr4ts3xdjbkYjyntN9XZSncbULQlKQ_wVg5NyY6VCTLkeXRaN-tZ2KbWr2PA3nlLZ9ZzXWb7TyBQ&google_hm=a2R6R2gyQ0lXUU...

0
0

GET CAESEJDMAcdQ2gQHuORN2ufCfpc
an.yandex.ru/mapuid/google/ Frame FB7D 0
0

GET attr
cm.g.doubleclick.net/pixel/ Frame FB7D 0
0

GET
H3 200 pd Show response
eu-u.openx.net/w/1.0/ Frame F4B1 802 B
475 B 159ms
158ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Requested by: Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e9a050612a69f613491d468fba47b8d2ec705fffb4986a7e30bcb54776301097

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 456
content-type: text/html
date: Wed, 22 Nov 2023 06:10:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET visit.js
tps.doubleverify.com/ Frame 907C 0
0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 524D 0
594 B 58ms
56ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 06:10:32 GMT
an-x-request-uuid: f029338c-49a9-4525-8d9b-b4e5ccba38c8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 83.76.129.15; 83.76.129.15; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 84C5 46 KB
13 KB 230ms
229ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 06:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:36:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62730
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 22 Nov 2023 23:36:02 GMT

GET 64d4e74a0a0c2639203489fe
c.bannerflow.net/a/ Frame 7206 0
0

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame 5287 43 B
441 B 76ms
75ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x3 config_version:"941" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 22 Nov 2023 06:10:32 GMT
Expires: Wed, 22 Nov 2023 06:10:31 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1143 599e619 master zrh zrh-pixel-x3 config_version:"941"

GET usersync.aspx
dis.criteo.com/dis/ Frame 68E4 0
0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 32A2 43 B
855 B 69ms
68ms Document
image/gif 52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E365C00B-06D8-450C-97A7-D763579C8EFA&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 22 Nov 2023 06:10:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: D047RNX9RN1SVWRAB98J

GET

Pug
image2.pubmatic.com/AdServer/ Frame 1B48
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRAwL5ZHMH-CFzR6zRMoeJsWN3iCHDMoyxaH6srW
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=61ecc639-0d8e-44ab-961b-74dc9dfb5a28-655d9b57-4348&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 25DD
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3297053945854328167&gdpr=0&gdpr_consent=

0
0

GET
H2 200 E365C00B-06D8-450C-97A7-D763579C8EFA Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 6DE3 0
620 B 126ms
124ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/E365C00B-06D8-450C-97A7-D763579C8EFA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 829f028acb860e62-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 06:10:32 GMT
server: cloudflare
vary: Accept-Encoding

GET pixel
cm.g.doubleclick.net/ Frame 0C7E 0
0

GET

qmap
sync.crwdcntrl.net/ Frame 0C7E
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E365C00B-06D8-450C-97A7-D763579C8EFA&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E365C00B-06D8-450C-97A7-D763579C8EFA&gdpr=0&gdpr_consent=&ct=y

0
0

GET cr
cr.frontend.weborama.fr/ Frame 0C7E 0
0

GET match
a.audrte.com/ Frame 0C7E 0
0

GET pubmatic
um.simpli.fi/ Frame 0C7E 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0C7E 70 B
148 B 130ms
126ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 0C7E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=702967506440777401

0
0

GET

SPug
image4.pubmatic.com/AdServer/ Frame 0C7E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E365C00B-06D8-450C-97A7-D763579C8EFA&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Wtjyg7dE2uVmt5ZprgiBKWGcnZHqeOw-~A&gdpr=0

0
0

GET
H2 200 E365C00B-06D8-450C-97A7-D763579C8EFA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0C7E 43 B
601 B 130ms
127ms Image
image/gif 99.81.53.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E365C00B-06D8-450C-97A7-D763579C8EFA?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.53.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

sd
us-u.openx.net/w/1.0/ Frame F4B1
Redirect Chain

https://p.rfihub.com/cm?pub=25&in=1
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329528937123030

0
0

GET ny75r2x0&gdpr=0
sync-tm.everesttech.net/upi/pid/ Frame F4B1 0
0

GET openx
tr.blismedia.com/v1/api/sync/ Frame F4B1 0
0

GET

pixel
cm.g.doubleclick.net/ Frame F4B1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWklFN0t1emNBQUJSRmxXSkZ4QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...

0
0

GET current
openx2-match.dotomi.com/match/bounce/ Frame F4B1 0
0

GET sync
sync.srv.stackadapt.com/ Frame F4B1 0
0

GET dds
rtb.openx.net/sync/ Frame F4B1 0
0

GET
H2 200 95278eec-dddb-aefc-6cd9-09f8d6d9f205
pr-bh.ybp.yahoo.com/sync/openx/ Frame F4B1 43 B
601 B 76ms
74ms Image
image/gif 99.81.53.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/95278eec-dddb-aefc-6cd9-09f8d6d9f205?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.53.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS